S
Supabase3h ago
Floppy Disk

.insert().select() doesnt work due to rls

Insert alone works 
return await supabase
    .from("question")
    .insert({
      ...body,
      survey_id,
      question_bank_ref_id,
      selected_configuration,
      field_type_context_stack,
      survey_bank_question_bank_ref_id,
    })
    .select()
    .maybeSingle()
    .throwOnError()
    .then(res => res.data);
return await supabase
    .from("question")
    .insert({
      ...body,
      survey_id,
      question_bank_ref_id,
      selected_configuration,
      field_type_context_stack,
      survey_bank_question_bank_ref_id,
    })
    .select()
    .maybeSingle()
    .throwOnError()
    .then(res => res.data);
Select RLS: 
DROP POLICY IF EXISTS question_own_select ON public.question;
CREATE POLICY "question_own_select" ON public.question
  FOR SELECT
  TO authenticated
  USING (
    (
      public.question.user_id = (select auth.uid)
    )
  );
DROP POLICY IF EXISTS question_project_or_org_member_select ON public.question;
CREATE POLICY "question_project_or_org_member_select" ON public.question
  FOR SELECT
  TO authenticated
  USING (
    (
      EXISTS (
        SELECT 1
        FROM public.project_members pm
        WHERE pm.project_id = public.get_question_project_id(id)
          AND pm.user_id = (SELECT auth.uid())
      )
    )
    OR
    (
      EXISTS (
        SELECT 1
        FROM public.organisation_members om
        WHERE om.organisation_id = public.get_question_organisation_id(id)
          AND om.user_id = (SELECT auth.uid())
      )
    )
  );
DROP POLICY IF EXISTS question_own_select ON public.question;
CREATE POLICY "question_own_select" ON public.question
  FOR SELECT
  TO authenticated
  USING (
    (
      public.question.user_id = (select auth.uid)
    )
  );
DROP POLICY IF EXISTS question_project_or_org_member_select ON public.question;
CREATE POLICY "question_project_or_org_member_select" ON public.question
  FOR SELECT
  TO authenticated
  USING (
    (
      EXISTS (
        SELECT 1
        FROM public.project_members pm
        WHERE pm.project_id = public.get_question_project_id(id)
          AND pm.user_id = (SELECT auth.uid())
      )
    )
    OR
    (
      EXISTS (
        SELECT 1
        FROM public.organisation_members om
        WHERE om.organisation_id = public.get_question_organisation_id(id)
          AND om.user_id = (SELECT auth.uid())
      )
    )
  );
user_id in table questions is set with default value auth.uid()
7 Replies
garyaustin
garyaustin3h ago
What is your question? You don't meet RLS for the select policy so the insert will fail.
Floppy Disk
Floppy DiskOP3h ago
Ah yeah, tried to keep it short I'm somehow don't meet select policy Are default values for the table propagated later? I checked my code and I never specify user_id there so it should be set to default, when I comment select its exactly what happens Disabling RLS policies work, but as far as I know these policies are permissive by default so either one that passes should action available
garyaustin
garyaustin3h ago
It should be there for your select policy.
garyaustin
garyaustin3h ago
What is this though?
No description
garyaustin
garyaustin3h ago
You can also check in the dashboard Gateway API log on that insert (POST) and see if the role is authenticated or not.
Floppy Disk
Floppy DiskOP3h ago
Should be, will check
garyaustin
garyaustin3h ago
Note the typo in red.

Did you find this page helpful?