Need help defining security policies

I have a

users

users

table, and without any policies I can use supabase auth to insert rows here without issues.

I wanted to create policies to improve the security.

Authenticated users should be able to UPDATE or DELETE their account.
All users should be able to sign up a new account, (INSERT).

I use this policy schema:

-- Enable RLS for Users Table
ALTER TABLE users ENABLE ROW LEVEL SECURITY;

-- Policies for Users Table
CREATE POLICY "Authenticated users can update their own records" 
ON users 
FOR UPDATE 
TO authenticated 
USING ((select auth.uid()::text) = id);

CREATE POLICY "Authenticated users can delete their own records" 
ON users 
FOR DELETE 
TO authenticated 
USING ((select auth.uid()::text) = id);

CREATE POLICY "All users can insert new records" 
ON users 
FOR INSERT 
TO authenticated, anon 
WITH CHECK (true);

-- Enable RLS for Users Table
ALTER TABLE users ENABLE ROW LEVEL SECURITY;

-- Policies for Users Table
CREATE POLICY "Authenticated users can update their own records" 
ON users 
FOR UPDATE 
TO authenticated 
USING ((select auth.uid()::text) = id);

CREATE POLICY "Authenticated users can delete their own records" 
ON users 
FOR DELETE 
TO authenticated 
USING ((select auth.uid()::text) = id);

CREATE POLICY "All users can insert new records" 
ON users 
FOR INSERT 
TO authenticated, anon 
WITH CHECK (true);

-- Enable RLS for Users Table
ALTER TABLE users ENABLE ROW LEVEL SECURITY;

-- Policies for Users Table
CREATE POLICY "Authenticated users can update their own records" 
ON users 
FOR UPDATE 
TO authenticated 
USING ((select auth.uid()::text) = id);

CREATE POLICY "Authenticated users can delete their own records" 
ON users 
FOR DELETE 
TO authenticated 
USING ((select auth.uid()::text) = id);

CREATE POLICY "All users can insert new records" 
ON users 
FOR INSERT 
TO authenticated, anon 
WITH CHECK (true);

-- Enable RLS for Users Table
ALTER TABLE users ENABLE ROW LEVEL SECURITY;

-- Policies for Users Table
CREATE POLICY "Authenticated users can update their own records" 
ON users 
FOR UPDATE 
TO authenticated 
USING ((select auth.uid()::text) = id);

CREATE POLICY "Authenticated users can delete their own records" 
ON users 
FOR DELETE 
TO authenticated 
USING ((select auth.uid()::text) = id);

CREATE POLICY "All users can insert new records" 
ON users 
FOR INSERT 
TO authenticated, anon 
WITH CHECK (true);

But it stops working after I apply this. The error in the logs is:

"error": "ERROR: permission denied for table users (SQLSTATE 42501)",

"error": "ERROR: permission denied for table users (SQLSTATE 42501)",

"error": "ERROR: permission denied for table users (SQLSTATE 42501)",

"error": "ERROR: permission denied for table users (SQLSTATE 42501)",

Can someone help me with setting up the correct policy?

Need help defining security policies

Similar Threads

Similar Threads

Similar Threads