DanMossa
03/11/2022, 7:28 PMprof-pics
and each folder is the user's uuid
I have RLS rules that:
Insert/update/delete if the uuid matches the folder name
Select if authorized
If I use the method getPublicUrl
I get a URL for the file, but I don't see a token or anything, so how can supabase auth the caller?
If I go to the dashboard and click "Copy URL" I can view this anywhere. Is the token in the URL a super auth token?
And what's the diff between public and private?
Public buckets are for assets and things were anyone can look at them? Does that mean that RLS don't work with public buckets?~~
Public buckets: Allow everyone SELECT
access but RLS for everything else.
Private buckets: RLS for everything.garyaustin
03/11/2022, 8:38 PMNeedle
03/12/2022, 4:31 PM