db pull revokes all privileges from auth and storage schema.
I've been trying for the past few weeks to create a local dev env for my existing supabase project. Auth and storage schemas have rls policies and triggers so I need to pull those too. When running
This revokes prevent the local project from starting, throwing the following error:
I have attached the generated migration for the auth schema, the same happens for storage.
I haven't found much on google about it, the only hint I've got is from google's AI answers that says that all grants are revoked to later grant only the necessary privileges, but those grants are never generated.
I know that I can manually remove those revokes or generate grants but it's not the point. I want to be able to pull and push changes flawlessly so later I can create a github workflow automating it.
I have created a github issue if anyone happens to have a similar problem:
https://github.com/supabase/cli/issues/4107
EDIT: Just compared both auth and storage revokes and auth only revokes permissions from "dashboard_user" and "postgres" while storage revokes permissions from:
- authenticated
- service_role
- anon
- postgres
After testing, auth schema seems to work ok (even though I don't know if does revokes should be generated) but storage is not even able to connect through supabase studio. I attached an image showing the studio error and the generated migration file for storage schema.
supabase db pull --schema auth--schema storageThis revokes prevent the local project from starting, throwing the following error:
Error status 400: {"statusCode":"403","error":"Unauthorized","message":"new row violates row-level security policy"}I have attached the generated migration for the auth schema, the same happens for storage.
I haven't found much on google about it, the only hint I've got is from google's AI answers that says that all grants are revoked to later grant only the necessary privileges, but those grants are never generated.
I know that I can manually remove those revokes or generate grants but it's not the point. I want to be able to pull and push changes flawlessly so later I can create a github workflow automating it.
I have created a github issue if anyone happens to have a similar problem:
https://github.com/supabase/cli/issues/4107
EDIT: Just compared both auth and storage revokes and auth only revokes permissions from "dashboard_user" and "postgres" while storage revokes permissions from:
- authenticated
- service_role
- anon
- postgres
After testing, auth schema seems to work ok (even though I don't know if does revokes should be generated) but storage is not even able to connect through supabase studio. I attached an image showing the studio error and the generated migration file for storage schema.
GitHub
Describe the bug When using supabase db pull --schema storage the migration file contains lots of revoke statements that remove all privileges of all storage stables from all database users (anon, ...
