TechQA.

how to use supabase RLS with "in" and "select" without having to provide unrestricted RLS access to the joined tables

239 views Asked by At

I am trying to set up simple RLS on my supabase tables. I enabled RLS on all tables, then added this policy to a table I wanted to select from:

(project_id IN ( SELECT projects.id FROM projects))

However, it always fails because the table projects also has RLS on.

In reality, the policies would be more complicated and involve multiple tables.

How do I work with RLS without having to expose all the tables required to make the RLS policy?

postgresql supabase row-level-security supabase-database
Original Q&A
1

There are 1 answers

0
Nathan Tew On BEST ANSWER

Okay, figured it out, turns out it's relatively simple but I'll post an answer for people coming across the same issues with no guidance.

Solution was to use security definer functions which can query RLS-protected tables without RLS penalties:

https://supabase.com/docs/guides/database/postgres/row-level-security#use-security-definer-functions

https://supabase.com/docs/guides/auth/row-level-security#using-security-definer-functions

You can create a new schema, private, and add the functions you need using the SQL editor or the GUI. The function can take arguments, as shown in the postgres documentation, which also explains some other options:

https://www.postgresql.org/docs/current/sql-createfunction.html

Related Questions in POSTGRESQL

Related Questions in SUPABASE

Related Questions in ROW-LEVEL-SECURITY

Related Questions in SUPABASE-DATABASE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions