You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Have a table with rows that can only be edited by a user with their user_id
eg: Table called feedback with rows: feedback_id: int8, user_id: uuid with forgein key to auth.users.id, content: text
Apply the RLS rule for enforcing updates
create policy "allow users to edit their own feedback"on"public"."feedback"as permissive for update to authenticated using ((( SELECTauth.uid() AS uid) = user_id));
Expected behavior
Warning goes away
System information
Issue with hosted Supabase
The text was updated successfully, but these errors were encountered:
Yes I noticed the behavior too. I avoided warnings by extracting whole using conditions into 'security definer' functions, or db function that inspects auth informations and returns boolean.
Please start from approach 2 is_admin function in the RLS best practice discussion. And please be advised that it has somewhat steep learning curve. IMO It should be a part of documentation but it is what it is for now.
Bug report
Describe the bug
With the new performance advisor, I get the following for my table
After updating the RLS policy:
The warning on the performance advisor does not go away
Seems like I am not the only one who has this error: https://www.reddit.com/r/Supabase/comments/1ca5gri/auth_rls_initialization_plan_warnings_not_going/
To Reproduce
eg: Table called
feedback
with rows:feedback_id: int8
,user_id: uuid
with forgein key toauth.users.id
,content: text
Expected behavior
Warning goes away
System information
The text was updated successfully, but these errors were encountered: