Custom claims package

Hi everyone, I'm using this package here for authorization and storing some additional metadata: https://github.com/supabase-community/supabase-custom-claims

The way it is set up it allows users with the

claims_admin

claims_admin

claim change claims. Now what I want to do is also let my service role update claims. Currently the function looks like this:

    BEGIN
      IF NOT is_claims_admin() THEN
          RETURN 'error: access denied';
      ELSE        
        update auth.users set raw_app_meta_data = 
          raw_app_meta_data || 
            json_build_object(claim, value)::jsonb where id = uid;
        return 'OK';
      END IF;
    END;

    BEGIN
      IF NOT is_claims_admin() THEN
          RETURN 'error: access denied';
      ELSE        
        update auth.users set raw_app_meta_data = 
          raw_app_meta_data || 
            json_build_object(claim, value)::jsonb where id = uid;
        return 'OK';
      END IF;
    END;

I want something like this but I don't know how to achieve it:

    BEGIN
      IF NOT is_claims_admin() OR **SERVICE_ROLE** THEN
          RETURN 'error: access denied';
      ELSE        
        update auth.users set raw_app_meta_data = 
          raw_app_meta_data || 
            json_build_object(claim, value)::jsonb where id = uid;
        return 'OK';
      END IF;
    END;

    BEGIN
      IF NOT is_claims_admin() OR **SERVICE_ROLE** THEN
          RETURN 'error: access denied';
      ELSE        
        update auth.users set raw_app_meta_data = 
          raw_app_meta_data || 
            json_build_object(claim, value)::jsonb where id = uid;
        return 'OK';
      END IF;
    END;

Sorry for tagging you @Mark Burggraf but you seem to be the maintainer of that package.

GitHub

GitHub - supabase-community/supabase-custom-claims: How to implemen...

How to implement custom claims with Supabase. Contribute to supabase-community/supabase-custom-claims development by creating an account on GitHub.

Custom claims package

claims_admin

claims_admin

claim change claims. Now what I want to do is also let my service role update claims. Currently the function looks like this:

    BEGIN
      IF NOT is_claims_admin() THEN
          RETURN 'error: access denied';
      ELSE        
        update auth.users set raw_app_meta_data = 
          raw_app_meta_data || 
            json_build_object(claim, value)::jsonb where id = uid;
        return 'OK';
      END IF;
    END;

    BEGIN
      IF NOT is_claims_admin() THEN
          RETURN 'error: access denied';
      ELSE        
        update auth.users set raw_app_meta_data = 
          raw_app_meta_data || 
            json_build_object(claim, value)::jsonb where id = uid;
        return 'OK';
      END IF;
    END;

I want something like this but I don't know how to achieve it:

    BEGIN
      IF NOT is_claims_admin() OR **SERVICE_ROLE** THEN
          RETURN 'error: access denied';
      ELSE        
        update auth.users set raw_app_meta_data = 
          raw_app_meta_data || 
            json_build_object(claim, value)::jsonb where id = uid;
        return 'OK';
      END IF;
    END;

    BEGIN
      IF NOT is_claims_admin() OR **SERVICE_ROLE** THEN
          RETURN 'error: access denied';
      ELSE        
        update auth.users set raw_app_meta_data = 
          raw_app_meta_data || 
            json_build_object(claim, value)::jsonb where id = uid;
        return 'OK';
      END IF;
    END;

Sorry for tagging you @Mark Burggraf but you seem to be the maintainer of that package.

GitHub

GitHub - supabase-community/supabase-custom-claims: How to implemen...

How to implement custom claims with Supabase. Contribute to supabase-community/supabase-custom-claims development by creating an account on GitHub.

Custom claims package

Custom claims package

Similar Threads

Similar Threads

Similar Threads