S
Supabase8mo ago
dannyh

Permission denied for schema citext

Forgive me as I am not very familiar with the database roles & schema security. I'm following the PostGIS instructions for the citext extension. Here is what I did: 
create schema if not exists "citext";
create extension citext with schema "citext";
create schema if not exists "citext";
create extension citext with schema "citext";
I'm getting this error: PostgrestException(message: permission denied for schema citext, code: 42501, details: Forbidden, hint: null) How can I fix this in a secure way?
5 Replies
garyaustin
garyaustin8mo ago
In general extensions should be installed as the UI suggests and I believe that one is in extensions. If not you have to grant all the API roles to your new schema and like add citext.function to every call or set a search path. There is a PR out to fix the PostGIS docs as they leave out those steps...
dannyh
dannyhOP8mo ago
What does that look like? Grant permissions to that schema where role is authenticated?
garyaustin
garyaustin8mo ago
This PR shows the needed grants. https://github.com/supabase/supabase/pull/32944/files I still think it is a bad idea to not put in extensions as the UI defaults it to. But it should work with the right grants and search paths in another schema.
GitHub
Fix: Update PostGIS tutorial documentation by coreAux · Pull Reques...
I have read the CONTRIBUTING.md file. YES What kind of change does this PR introduce? Updating docs for PostGIS. What is the current behavior? Resolves #28310
dannyh
dannyhOP8mo ago
I think the real bad idea is that the tutorial implies that the SQL code and the UI create the extension in the same way Does the UI install it in the public schema?
garyaustin
garyaustin8mo ago
It installs in extensions schema for that extension.

Did you find this page helpful?