Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Does supabase db push also push RLS policies to remote DB? #2938

Open
akdeb opened this issue Dec 2, 2024 · 1 comment
Open

Does supabase db push also push RLS policies to remote DB? #2938

akdeb opened this issue Dec 2, 2024 · 1 comment

Comments

@akdeb
Copy link

akdeb commented Dec 2, 2024

Describe the bug
My local DB has an RLS policy that I am not being able to push to the remote DB with supabase db push

To Reproduce

These are my local RLS policies (as confirmed with supabase studio GUI and the SQL editor)

[
  {
    "schemaname": "public",
    "tablename": "users",
    "policyname": "Enable insert for authenticated users only",
    "permissive": "PERMISSIVE",
    "roles": "{authenticated}",
    "cmd": "INSERT",
    "qual": null,
    "with_check": "true"
  },
  {
    "schemaname": "public",
    "tablename": "users",
    "policyname": "Enable read access for all users",
    "permissive": "PERMISSIVE",
    "roles": "{public}",
    "cmd": "SELECT",
    "qual": "true",
    "with_check": null
  },
  {
    "schemaname": "public",
    "tablename": "users",
    "policyname": "Enable update for users based on email",
    "permissive": "PERMISSIVE",
    "roles": "{public}",
    "cmd": "UPDATE",
    "qual": "((( SELECT auth.jwt() AS jwt) ->> 'email'::text) = email)",
    "with_check": "((( SELECT auth.jwt() AS jwt) ->> 'email'::text) = email)"
  },
  {
    "schemaname": "public",
    "tablename": "users",
    "policyname": "Update user table",
    "permissive": "PERMISSIVE",
    "roles": "{anon}",
    "cmd": "UPDATE",
    "qual": "true",
    "with_check": "true"
  }
]

These are the policies on the remote DB before and after running supabase db push --linked --include-all

[
  {
    "schemaname": "public",
    "tablename": "users",
    "policyname": "Enable update for users based on email",
    "permissive": "PERMISSIVE",
    "roles": "{public}",
    "cmd": "UPDATE",
    "qual": "((( SELECT auth.jwt() AS jwt) ->> 'email'::text) = email)",
    "with_check": "((( SELECT auth.jwt() AS jwt) ->> 'email'::text) = email)"
  },
  {
    "schemaname": "public",
    "tablename": "users",
    "policyname": "Enable read access for all users",
    "permissive": "PERMISSIVE",
    "roles": "{public}",
    "cmd": "SELECT",
    "qual": "true",
    "with_check": null
  },
  {
    "schemaname": "public",
    "tablename": "users",
    "policyname": "Enable insert for authenticated users only",
    "permissive": "PERMISSIVE",
    "roles": "{authenticated}",
    "cmd": "INSERT",
    "qual": null,
    "with_check": "true"
  }
]

Expected behavior
Expecting local and remote to have the same RLS policies.

If applicable, add screenshots to help explain your problem.

Additional context
If applicable, add any other context about the problem here.

  • Browser: chrome
  • Supabase version Supabase CLI 1.192.5
@akdeb akdeb changed the title Does supabase db push also push RLS policies to remote? Does supabase db push also push RLS policies to remote DB? Dec 2, 2024
@sweatybridge
Copy link
Contributor

Can you run supabase db diff -f add_policy locally to see if any new migration is generated?

I suspect you are missing a policing in your existing migration files.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sweatybridge @akdeb