https://supabase.com/ logo
Join Discord
Powered by
I am scratching my head - doing something incorrec...
# help
t
I am scratching my head - doing something incorrect with a policy. My intent here is that a user can only see/modify resources that they are member of. This doesn't work. What am I doing wrong?
Copy code
create policy resource_users_manage on public.resources
  for all using (public.resources.id in (select resource_id from public.resource_users where auth.uid() = user_id))
  with check (public.resources.id in (select resource_id from public.resource_users where auth.uid() = user_id));
n
Hello @timeforpoptarts! This thread has been automatically created from your message in #843999948717555735 a ``few seconds ago``. Pinging @User so that they see this as well! Want to unsubscribe from this thread? Right-click the thread in Discord (or use the ... menu) and select Leave Thread to unsubscribe from future updates. Want to change the title? Use the 
/title
command! We have solved your problem? Click the button below to archive it.
g
It would help to show your table columns and types, or at least the ones you are referencing.
n
timeforpoptarts (2022-04-13)
t
Copy code
create table public.resource_users(
  resource_id bigint references public.resources(id) on delete cascade not null,
  user_id uuid references public.users(id) on delete cascade not null,
  primary key(resource_id, user_id)
);
Copy code
create table public.users(
  id uuid unique not null primary key,
  attributes jsonb not null default '{}'::jsonb
);
This isn't working, either.
Copy code
create policy resource_users_manage on public.resources
  for all using (auth.uid() in (select user_id from public.resource_users where public.resources.id = public.resource_users.resource_id))
  with check (auth.uid() in (select user_id from public.resource_users where public.resources.id = public.resource_users.resource_id));
While this query returns expected number of rows:
Copy code
select * from resources where '5f3df9ab-ea27-4f51-85fd-49e2cb817f97' in (select user_id from resource_users um where resources.id = um.resource_id)
I figured it out.
The policy on the join table wasn't set.
PreviousNext
Powered by