Supabase•5mo ago•

2 replies

RLS for bucket joined with table data

Hello

I'm unable to figure out the correct syntax for a row-level security policy on my storage bucket.

I have a table named

entities

entities

that has columns for

user_id

user_id

slug

slug

, and

name

name

. I also have a bucket where I want to store an image for each entity. I want the image to be stored at the path

/:slug/images

/:slug/images

, so for example my entity with slug

my-thing

my-thing

would have an image at the path

/my-thing/images/image.png

/my-thing/images/image.png

.

When a user attempt to upload an image to their folder, I want to check that they have access to that folder by checking the

user_id

user_id

and

slug

slug

in my

entities

entities

table.

Here's what my policy query looks like:

BEGIN;
  ALTER POLICY "Give users access to their own folders"
  ON "storage"."objects"
  WITH CHECK (
    ((bucket_id = 'my-bucket'::text)
    AND (
      (SELECT auth.uid() AS uid)
      IN (SELECT entities.user_id FROM entities WHERE ((entities.slug)::text = (storage.foldername(name))[1])))
    )
  );
COMMIT;

BEGIN;
  ALTER POLICY "Give users access to their own folders"
  ON "storage"."objects"
  WITH CHECK (
    ((bucket_id = 'my-bucket'::text)
    AND (
      (SELECT auth.uid() AS uid)
      IN (SELECT entities.user_id FROM entities WHERE ((entities.slug)::text = (storage.foldername(name))[1])))
    )
  );
COMMIT;

Every time I save this policy, Supabase replaces

storage.foldername(name)

storage.foldername(name)

with

storage.foldername(entities.name)

storage.foldername(entities.name)

which will never work. Can anybody please help me figure out what I'm doing wrong?

RLS for bucket joined with table data

Hello

I'm unable to figure out the correct syntax for a row-level security policy on my storage bucket.

I have a table named

entities

entities

that has columns for

user_id

user_id

slug

slug

, and

name

name

. I also have a bucket where I want to store an image for each entity. I want the image to be stored at the path

/:slug/images

/:slug/images

, so for example my entity with slug

my-thing

my-thing

would have an image at the path

/my-thing/images/image.png

/my-thing/images/image.png

.

When a user attempt to upload an image to their folder, I want to check that they have access to that folder by checking the

user_id

user_id

and

slug

slug

in my

entities

entities

table.

Here's what my policy query looks like:

BEGIN;
  ALTER POLICY "Give users access to their own folders"
  ON "storage"."objects"
  WITH CHECK (
    ((bucket_id = 'my-bucket'::text)
    AND (
      (SELECT auth.uid() AS uid)
      IN (SELECT entities.user_id FROM entities WHERE ((entities.slug)::text = (storage.foldername(name))[1])))
    )
  );
COMMIT;

BEGIN;
  ALTER POLICY "Give users access to their own folders"
  ON "storage"."objects"
  WITH CHECK (
    ((bucket_id = 'my-bucket'::text)
    AND (
      (SELECT auth.uid() AS uid)
      IN (SELECT entities.user_id FROM entities WHERE ((entities.slug)::text = (storage.foldername(name))[1])))
    )
  );
COMMIT;

Every time I save this policy, Supabase replaces

storage.foldername(name)

storage.foldername(name)

with

storage.foldername(entities.name)

storage.foldername(entities.name)

which will never work. Can anybody please help me figure out what I'm doing wrong?

RLS for bucket joined with table data

Similar Threads

RLS for bucket joined with table data

Similar Threads

Similar Threads

Similar Threads