Supabase (4w ago)
link

Select RLS for admins and users

For admins, I want them to be able to select all users, and for users, only themselves. How do I navigate this using an RLS select policy?
7 Replies
garyaustin (4w ago)
You have to figure out how you will create an admin or role. Then once you do that, either use that JWT claim or access a table with the role to know they are an admin in the RLS policies. There is no built-in role management for app users.
link (OP, 4w ago)
@garyaustin I have a custom users table with the auth ids, and those users have a String role "Admin" or "User".
garyaustin (4w ago)
Then you just use a join in the RLS based on auth.uid() to check their role. It is better to write a function like is_admin() and then the function selects with auth.uid() the role column and returns true if Admin. An example: https://supabase.com/docs/guides/database/postgres/row-level-security#use-security-definer-functions
link (OP, 4w ago)
I don't get why this wouldn't work
[2 attached images, no description]
garyaustin (4w ago)
You can't select from the table if you don't meet the select on the table...
link (OP, 4w ago)
hehe suspected that but thought it wouldn't apply here
garyaustin (4w ago)
That is the other reason to use the function, especially on the same table. By making it security definer it will bypass RLS to do the check.
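
The approach discussed in this thread, written out as an added example (not posted by anyone in the thread). The `public.users` table, its `id` and `role` columns, the `private` schema and the policy name are assumptions; only `auth.uid()`, the `is_admin()` idea and the "Admin"/"User" role values come from the thread.

```sql
-- Assumed schema: table and column names are hypothetical; the thread only says
-- a custom users table holds the auth id and a text role of 'Admin' or 'User'.
create table if not exists public.users (
  id   uuid primary key references auth.users (id),
  role text not null default 'User' check (role in ('Admin', 'User'))
);
alter table public.users enable row level security;

-- Keep the helper out of the API-exposed schema (schema name is an assumption).
create schema if not exists private;

-- SECURITY DEFINER runs the lookup as the function owner. RLS is skipped only if
-- that owner is the table owner (without FORCE ROW LEVEL SECURITY) or has BYPASSRLS.
create or replace function private.is_admin()
returns boolean
language sql
stable
security definer
set search_path = ''   -- pin the search path; objects below are schema-qualified
as $$
  select exists (
    select 1
    from public.users
    where id = (select auth.uid())
      and role = 'Admin'
  );
$$;

-- Policy expressions run as the querying role, so it needs USAGE and EXECUTE.
revoke execute on function private.is_admin() from public;
grant usage on schema private to authenticated;
grant execute on function private.is_admin() to authenticated;

-- A subquery on public.users written directly in this policy would itself be
-- subject to the table's RLS; the function call avoids that.
create policy "select own row, admins select all"
on public.users for select to authenticated
using (
  (select auth.uid()) = id
  or (select private.is_admin())
);

-- Check as a non-admin (constructed uuid): expect only that user's row.
begin;
set local role authenticated;
select set_config('request.jwt.claims', '{"sub":"00000000-0000-0000-0000-000000000001"}', true);
select id, role from public.users;
rollback;
```

With RLS enabled and only a select policy defined, the `authenticated` role cannot insert or update rows here, so a user cannot change their own `role` through the API until a write policy is added.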
