RLS Error Handling

I have a policy that uses a function for the USING and its working as intended, however the response from the policy is a 404 since technically it doesnt find a matching record in the function. How do I get the RLS error to bubble up to the database query instead of just returning a 404?

create policy "Products can only be updated by a shop admin or moderator"
  ON public.products for UPDATE
  USING (
    user_belongs_to_shop(auth.uid(), shop_id)
    AND
    (
      shop_user_has_role(auth.uid(), 'ADMIN'::user_shops_roles, id) 
      OR
      shop_user_has_role(auth.uid(), 'MODERATOR'::user_shops_roles, id) 
    )
  );

create policy "Products can only be updated by a shop admin or moderator"
  ON public.products for UPDATE
  USING (
    user_belongs_to_shop(auth.uid(), shop_id)
    AND
    (
      shop_user_has_role(auth.uid(), 'ADMIN'::user_shops_roles, id) 
      OR
      shop_user_has_role(auth.uid(), 'MODERATOR'::user_shops_roles, id) 
    )
  );

When I try to make an update that'll return false for the USING I get the following -->

{"body": null, "count": null, "data": null, "error": [], "status": 404, "statusText": "Not Found"}

{"body": null, "count": null, "data": null, "error": [], "status": 404, "statusText": "Not Found"}

Im pretty sure its due to the function logic itself - which looks like this

  RETURN EXISTS(SELECT 1 FROM public.user_shops  
    WHERE user_id = $1
    AND shop_id = $3
    AND role = $2);

  RETURN EXISTS(SELECT 1 FROM public.user_shops  
    WHERE user_id = $1
    AND shop_id = $3
    AND role = $2);

I was assuming that RLS checks returning a boolean would fail/succeed the RLS policy and return a policy error vs a 404.

Appreciate anyone's help on this!

RLS Error Handling

create policy "Products can only be updated by a shop admin or moderator"
  ON public.products for UPDATE
  USING (
    user_belongs_to_shop(auth.uid(), shop_id)
    AND
    (
      shop_user_has_role(auth.uid(), 'ADMIN'::user_shops_roles, id) 
      OR
      shop_user_has_role(auth.uid(), 'MODERATOR'::user_shops_roles, id) 
    )
  );

create policy "Products can only be updated by a shop admin or moderator"
  ON public.products for UPDATE
  USING (
    user_belongs_to_shop(auth.uid(), shop_id)
    AND
    (
      shop_user_has_role(auth.uid(), 'ADMIN'::user_shops_roles, id) 
      OR
      shop_user_has_role(auth.uid(), 'MODERATOR'::user_shops_roles, id) 
    )
  );

When I try to make an update that'll return false for the USING I get the following -->

{"body": null, "count": null, "data": null, "error": [], "status": 404, "statusText": "Not Found"}

{"body": null, "count": null, "data": null, "error": [], "status": 404, "statusText": "Not Found"}

Im pretty sure its due to the function logic itself - which looks like this

  RETURN EXISTS(SELECT 1 FROM public.user_shops  
    WHERE user_id = $1
    AND shop_id = $3
    AND role = $2);

  RETURN EXISTS(SELECT 1 FROM public.user_shops  
    WHERE user_id = $1
    AND shop_id = $3
    AND role = $2);

I was assuming that RLS checks returning a boolean would fail/succeed the RLS policy and return a policy error vs a 404.

Appreciate anyone's help on this!

RLS Error Handling

Similar Threads

RLS Error Handling

Similar Threads

Similar Threads

Similar Threads