[SOLVED]
Does anyone know what the rls policy for ...
# helpg
GHOST
03/21/2022, 6:30 PM[SOLVED]
Does anyone know what the rls policy for a SELECT would look like where the user should only be able to get their own data? The table they are selecting from has a
user_idn
Needle
03/21/2022, 6:30 PMHello @GHOST!
This thread has been automatically created from your message in #843999948717555735 a ``few seconds ago``.
Pinging @User so that they see this as well!
Want to unsubscribe from this thread?
Right-click the thread in Discord (or use the ... menu) and select Leave Thread to unsubscribe from future updates.
Want to change the title?
Use the
/titles
Scott P
03/21/2022, 6:32 PM(auth.uid() = user_id)n
Needle
03/21/2022, 6:32 PMGHOST (2022-03-21)
g
GHOST
03/21/2022, 6:33 PMI tried this but it didn't seem to work unfortunately
GHOST
03/21/2022, 6:34 PMif I do a query such as:
Copy code
js
await supabase
.from('user_profile')
.select('first_name')
.eq('user_id', user.id);GHOST
03/21/2022, 6:34 PMI get a
{ data: [], error: null }GHOST
03/21/2022, 6:34 PMbut it works if I set the rls for select to
trues
Scott P
03/21/2022, 6:39 PMIf you have an RLS policy for
user_id.eq('user_id', user.id)trueuser.iduser_iduser.iduser_idg
GHOST
03/21/2022, 6:40 PM> Make sure your user.id is the same as the user_id of at least 1 of the rows in the table. Content should be identical, but the type should also be identical (i.e. user.id is a UUID, so user_id should also be UUID)
this is definately done
GHOST
03/21/2022, 6:41 PM> If you set the policy to true, it's going to allow any user, authorised or not, to access the entire table.
Ooh I wonder if it's authenticating the user - currently getting this data server side so might not be authenticating
GHOST
03/21/2022, 6:42 PMyea it works on client so it's a authentication issue
GHOST
03/21/2022, 6:43 PMthank you for the help
n
Needle
03/21/2022, 6:43 PMThread was archived by . Anyone can send a message to unarchive it.