more system tests as login is borked

components/SystemCheck.tsx

@@ -1,5 +1,5 @@
 import React, { useState, useEffect, useCallback } from 'react';
-import { supabase, invokeSystemCheckFunction } from '../services/supabaseClient';
+import { supabase, invokeSystemCheckFunction, runDatabaseSelfTest } from '../services/supabaseClient';
 import { ShieldCheckIcon } from './icons/ShieldCheckIcon';
 import { LoadingSpinner } from './LoadingSpinner';
 import { CheckCircleIcon } from './icons/CheckCircleIcon';
@@ -16,11 +16,13 @@ interface Check {
 }
 
 const initialChecks: Check[] = [
+    { id: 'gemini', name: 'Gemini API Key', status: 'idle', message: 'Verifies the VITE_API_KEY is set.' },
     { id: 'schema', name: 'Database Schema', status: 'idle', message: 'Verifies required tables exist.' },
     { id: 'rls', name: 'RLS Policies', status: 'idle', message: 'Verifies key security policies are active.' },
     { id: 'trigger', name: 'User Creation Trigger', status: 'idle', message: 'Checks function security configuration.' },
     { id: 'storage', name: 'Storage Bucket', status: 'idle', message: "Checks 'flyers' bucket exists and is public." },
     { id: 'functions', name: 'Edge Functions', status: 'idle', message: "Verifies 'delete-user' and 'seed-database' are deployed." },
+    { id: 'permissions', name: 'Client Permissions', status: 'idle', message: 'Verifies anon key can perform basic CRUD.' },
     { id: 'seed', name: 'Seeded Users', status: 'idle', message: 'Verifies default development users exist.' },
 ];
 
@@ -45,13 +47,23 @@ export const SystemCheck: React.FC<SystemCheckProps> = ({ onReady }) => {
 
         let allTestsPassed = true;
 
-        // Step 1: Backend Schema, RLS, Trigger, Storage checks via Edge Function
+        // Step 1: Check for Gemini API Key
+        if (import.meta.env.VITE_API_KEY) {
+            updateCheckStatus('gemini', 'pass', 'VITE_API_KEY is present.');
+        } else {
+            allTestsPassed = false;
+            updateCheckStatus('gemini', 'fail', 'VITE_API_KEY is missing from your environment variables.');
+        }
+
+        // Step 2: Backend Schema, RLS, Trigger, Storage checks via Edge Function
         try {
             const results = await invokeSystemCheckFunction();
             for (const key in results) {
                 const { pass, message } = results[key];
                 updateCheckStatus(key, pass ? 'pass' : 'fail', message);
-                if (!pass) allTestsPassed = false;
+                if (!pass) {
+                    allTestsPassed = false;
+                }
             }
         } catch (e: any) {
             allTestsPassed = false;
@@ -59,12 +71,12 @@ export const SystemCheck: React.FC<SystemCheckProps> = ({ onReady }) => {
             failedCheckIds.forEach(id => updateCheckStatus(id, 'fail', e.message));
         }
 
-        if (!allTestsPassed) {
+        if (!allTestsPassed) { // Stop if fundamental checks fail
             setIsRunning(false);
             return;
         }
 
-        // Step 2: Edge Function Deployment
+        // Step 3: Edge Function Deployment
         try {
             // Test if functions are deployed by calling them. A "Not found" error is a failure.
             // Any other error (like missing body) is a pass for this check's purpose.
@@ -80,12 +92,23 @@ export const SystemCheck: React.FC<SystemCheckProps> = ({ onReady }) => {
             updateCheckStatus('functions', 'fail', `${e.message} Please deploy it via the Supabase CLI.`);
         }
         
-        if (!allTestsPassed) {
+        // Step 4: Client-side CRUD test
+        try {
+            const { success, error } = await runDatabaseSelfTest();
+            if (!success) throw new Error(error || 'Client-side CRUD test failed.');
+            updateCheckStatus('permissions', 'pass', 'Anon key has correct table permissions.');
+        } catch (e: any) {
+            allTestsPassed = false;
+            updateCheckStatus('permissions', 'fail', e.message);
+        }
+
+        if (!allTestsPassed) { // Stop if core permissions fail
             setIsRunning(false);
             return;
         }
 
-        // Step 3: Seeded User Login
+
+        // Step 5: Seeded User Login
         try {
             const { error } = await supabase.auth.signInWithPassword({
                 email: 'admin@example.com',