Supabase
Is it possible to call RPC with particular policy #28798
Replies: 2 comments 3 replies
-
|
Not really clear on what you are trying to do. RLS if you use rpc with a default function applies based on the tables. You can use roles from various methods as part of the table RLS policies to allow different users to see that data. If you want your function to ignore RLS then you can make it security definer type and put all role checking you want in the function itself as it will ignore RLS on the tables. |
Beta Was this translation helpful? Give feedback.
-
|
You should reply in line versus start a new answer. You can use auth.uid() and auth.role() or Postgres SQL current_user (if not using a security definer function). Auth.jwt() will also get you all claims fo the calling user. |
Beta Was this translation helpful? Give feedback.
-
|
thank you for you answer didn't know about that |
Beta Was this translation helpful? Give feedback.
-
|
if you had a quick example that would be great.Thanks |
Beta Was this translation helpful? Give feedback.
-
|
How can I check if the user is authenticated and that the user id is really the current one calling the method.Thanks for your help |
Beta Was this translation helpful? Give feedback.
-
I would like to create a rpc function protected by a different policy.
Is it possible.
For example let say role1 has the permission to see all the data and role2 has the possibility to access only a portion of the db.
I would like making statistics with data that role2 have access to but make the statistic function only return result to role1.
Thanks you in advance
Beta Was this translation helpful? Give feedback.
All reactions