Supabase•2mo ago

infinite recursion for table company_members

Hello, I've ran into an infinite recursion error that happens when using supabase.select to select company_members or companies. You should the primary key of the companies table is called vat of type text and has an index created for it. I'm providing a detailed rls policy list: 1. Policies for company_members: SELECT:

alter policy "Users can view company members of their companies"
on "public"."company_members"
to public
using (
  ((profile_id = auth.uid()) OR (EXISTS ( SELECT 1
   FROM company_members cm
  WHERE ((cm.profile_id = auth.uid()) AND (cm.is_active = true) AND ((cm.company_vat)::text = (company_members.company_vat)::text)))))
);

alter policy "Users can view company members of their companies"
on "public"."company_members"
to public
using (
  ((profile_id = auth.uid()) OR (EXISTS ( SELECT 1
   FROM company_members cm
  WHERE ((cm.profile_id = auth.uid()) AND (cm.is_active = true) AND ((cm.company_vat)::text = (company_members.company_vat)::text)))))
);

2. Policies for companies:

alter policy "Users can view companies they are members of"
on "public"."companies"
to authenticated
using (
  ((vat)::text IN ( SELECT company_members.company_vat
   FROM company_members
  WHERE (company_members.profile_id = ( SELECT auth.uid() AS uid))))
);

alter policy "Users can view companies they are members of"
on "public"."companies"
to authenticated
using (
  ((vat)::text IN ( SELECT company_members.company_vat
   FROM company_members
  WHERE (company_members.profile_id = ( SELECT auth.uid() AS uid))))
);

2 Replies

DevsrealmGuy•2mo ago

Replace the EXISTS portion with a security definer function in a non-public schema

garyaustin•2mo ago

You need the security definer function because you can't have a select of the same table the select policy is on. It would then need to run the select policy... recursion.

Gaming

Programming

infinite recursion for table company_members

Did you find this page helpful?