SupabaseS
Supabase5mo ago
Gaslit By Tech

pgTap unit tests after implementing Custom Claims & Role-based Access Control (RBAC)

Hi Folks

After implementing Custom Claims & Role-based Access Control (RBAC) following https://supabase.com/docs/guides/database/postgres/custom-claims-and-role-based-access-control-rbac

I found this guide easy to follow and following this pattern suits my requirements.

It is working when testing manually using the web app though not when using pgTap tests.

I don't think I'm mocking user_role correctly using set local request.jwt.user_role = 'driver';

Is this not the same as auth.jwt() ->> 'user_role' that I reversed engineered from the public.authorize function.

-- as User 1
set local role authenticated;
set local request.jwt.claim.sub = '123e4567-e89b-12d3-a456-426614174000';
set local request.jwt.user_role = 'driver'; --this is not correct

select is((select (auth.jwt() ->> 'user_role')::public.app_role), 'driver'::public.app_role);
select is((select public.authorize('profiles.mine.read')), true, 'driver can read own profile');


Edit: typo
Custom Claims & Role-based Access Control (RBAC) | Supabase Docs
Use Auth Hooks to add custom claims for managing role-based access control.
Was this page helpful?