Can someone smarter than me explain public vs priv...
# off-topic
d
Can someone smarter than me explain public vs private buckets? ~~I have a public bucket called
prof-pics
and each folder is the user's
uuid
I have RLS rules that: Insert/update/delete if the uuid matches the folder name Select if authorized If I use the method
getPublicUrl
I get a URL for the file, but I don't see a token or anything, so how can supabase auth the caller? If I go to the dashboard and click "Copy URL" I can view this anywhere. Is the token in the URL a super auth token? And what's the diff between public and private? Public buckets are for assets and things were anyone can look at them? Does that mean that RLS don't work with public buckets?~~ Public buckets: Allow everyone
SELECT
access but RLS for everything else. Private buckets: RLS for everything.
g
Public buckets have a public URL that allows everyone access. They still enforce RLS on a storage download with path.
n
Thread was archived by @DanMossa. Anyone can send a message to unarchive it.