dwindown/meet-hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix SQL errors in RLS policy scripts

Browse Source 
- Remove profiles.role reference (column doesn't exist)
- Use simplified policies (all authenticated users can modify)
- Drop all existing storage policies before creating new ones to avoid conflicts
- Fix policy already exists error in STORAGE_RLS_FIX.sql

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
dwindown
2025-12-24 14:42:37 +07:00
parent 9fdcf07439
commit 8441063f0c
2 changed files with 22 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
STORAGE_RLS_FIX.sql
View File

@@ -12,10 +12,12 @@ SELECT * FROM storage.buckets WHERE name = 'content';
-- INSERT INTO storage.buckets (id, name, public)
-- VALUES ('content', 'content', true);
-- Step 2: Drop existing policies (if any) on brand-assets
-- Step 2: Drop ALL existing policies first to avoid conflicts
DROP POLICY IF EXISTS "Authenticated users can upload brand assets" ON storage.objects;
DROP POLICY IF EXISTS "Authenticated users can update brand assets" ON storage.objects;
DROP POLICY IF EXISTS "Authenticated users can delete brand assets" ON storage.objects;
DROP POLICY IF EXISTS "Public can view brand assets" ON storage.objects;
DROP POLICY IF EXISTS "Authenticated users can list brand assets" ON storage.objects;
-- Step 3: Create policies for brand-assets upload
@@ -59,7 +61,7 @@ USING (
AND (name LIKE 'brand-assets/logo/%' OR name LIKE 'brand-assets/favicon/%')
);
-- Step 5: Allow LIST operation for authenticated users (needed for auto-delete)
-- Policy 5: Allow LIST operation for authenticated users (needed for auto-delete)
CREATE POLICY "Authenticated users can list brand assets"
ON storage.objects FOR SELECT
TO authenticated
@@ -79,12 +81,11 @@ SELECT
policyname,
permissive,
roles,
cmd,
qual,
with_check
cmd
FROM pg_policies
WHERE tablename = 'objects'
AND schemaname = 'storage';
AND schemaname = 'storage'
AND policyname LIKE '%brand assets%';
-- Test if you can access the bucket
SELECT * FROM storage.objects WHERE bucket_id = 'content' LIMIT 5;
@@ -106,15 +107,3 @@ AND tablename = 'objects';
-- 3. Check bucket is public
SELECT * FROM storage.buckets WHERE name = 'content';
-- =====================================================
-- ALTERNATIVE: Less restrictive policies (NOT RECOMMENDED for production)
-- =====================================================
-- Only use these if you trust all authenticated users completely
-- -- Allow full access to content bucket for authenticated users
-- CREATE POLICY "Authenticated users have full access to content bucket"
-- ON storage.objects FOR ALL
-- TO authenticated
-- USING (bucket_id = 'content')
-- WITH CHECK (bucket_id = 'content');