https://supabase.com/ logo
Join Discord
Powered by
hy! I used prisma migrations, and reached the poin...
# help
t
hy! I used prisma migrations, and reached the point when RLS works again, but realtime isn't working even if I disable rls for the tables. Any idea what roles/triggers/etc could be messed up?
n
Hello @tg44! This thread has been automatically created from your message in #843999948717555735 a few seconds ago. We have already mentioned the @User so that they can see your message and help you as soon as possible! Want to unsubscribe from this thread? Right-click the thread in Discord (or use the ``...`` menu) and select "Leave Thread" to unsubscribe from future updates. Want to change the title? Use the ``/title`` command! We have solved your problem? Click the button below to archive it.
g
Have you set up realtime under database/replication including selecting the table? Maybe show your realtime call?
t
Yes, and my realtime call is a * on a table with the subscribe, the wss is open, the hearthbeat is on
I use a selfmade jwt, but the rls is working with it, and also I disabled rls
g
If not related to that, I wonder if realtime has a user than needs access to tables and that user did not get grants on Prisma created tables, although people with that reported issue got it working without messing with grants.
t
Its not enums, I have no enums...
Prisma migrate in fact messing with grants
It recreates the public schema and you need to add back the user grants by hand
But ive done this and rls is working
I wanted to create a virgin project to check out stuff and maybe create a repro but ofc there is an incident rn
g
Yes on new projects being down. There is not a separate realtime "user" that I see. And I don't recall seeing any issues the past few months with realtime/prisma/grants other than the general prisma/grant issue.
Do you have anything in this table?
t
Nope
This also could be my jwt
I will try tomorrow without an auth key set
g
Hmmm. Could be if there is no role claim the code does not deal with null...
t
And what should I add to the role?
g
It may just use that for the RLS so anon might work, if you are handling RLS when you want to use realtime on an RLS table. Mainly first step is to see if it populates that table with a jwt role.
t
Kk, thx, I will try tomorrow morning, it already gave me some tips to dig further
g
From the realtime readme... `The JavaScript and C# client libraries are now compatible with Realtime RLS. To get started, create a database table inside the 
public
schema, enable row level security, and set at least one row security policy. Then, pass a JWT with your claims, 
role
(a database role like 
postgres
) is required, when creating a channel.` Note that Realtime RLS does not mean the table has RLS on, but the version of Realtime has RLS support turned on, which SB instances do.
t
adding 
role: 'anon',
to the jwt solved the problem
it would be super nice to write this down either to the realtime section or the authentication section
g
You could suggest that in a GitHub issue so SB sees it.
t
thanks the help!
n
Thread was archived by @tg44. Anyone can send a message to unarchive it.
PreviousNext
Powered by