Struggling to get RLS to work with auth users - Swift SDK
I am creating an app using swift, the login and auth of users works fine - you can signup, login and the data appears in the auth tables.
However when it comes to trying to insert data into my tasks table it will not pass the auth users only RLS policy. This is the error I get every time:
Failed to create task in Supabase: Test12, error: PostgrestError(detail: nil, hint: nil, code: Optional("42501"), message: "new row violates row-level security policy for table "tasks"")
It is not the format of the data as when RLS is disabled everything works fine, I have also checked that the app counts as authenticated before sending data and it is.
On top of this I tried testing through the SQL editor and imitating the user I have been testing from my app, it works fine with an identical record.
Any help would be appreciated, I've been trying to figure this out for days.
7 Replies
Do you also meet the select policy?
You don’t show your policies so hard to know.
Also you can check the API Gateway log details for the call. That has a section with the calling user role in it.
For the tasks table the only policy which I have is the authenticated users one - there is not select policy.
I did not know about the API logs so I will try and use that to debug it, is there any common errors/mistakes that I should be aware of?
Since my post I have also enabled RLS on my user profiles table with multiple auth policies and it works fine so I'm not sure what could be impacting just the task table.
You still don’t show policies or call. Insert if it returns data has to meet both inset and select policies.
There was no select policy as stated previously but I have added one now
They are the pre-set queries I have not added anything
And did that help?
Normally select would for your data only would need a user id column compared to auth.uid(). I don't know if the automatic templates pick up column names or not.
If your policies are correct then please check the api gateway log for this table insert. Then check the details of the log message. There is an authentication section that shows if you have a user (authenticated role and UUID) versus role of anon.
If your policies are correct then please check the api gateway log for this table insert. Then check the details of the log message. There is an authentication section that shows if you have a user (authenticated role and UUID) versus role of anon.