auth.role() inside a scoped policy

Solved🟢SQL

Is doing

(SELECT auth.role() AS user_role) = 'authenticated'

(SELECT auth.role() AS user_role) = 'authenticated'

inside a scoped policy redundant?
I could of sworn someone in the past had told me this was some sort of belt and suspenders, maybe was a fever dream.
Something like this:

CREATE POLICY orders_select_all
ON public.orders
FOR SELECT
TO authenticated
USING (
    (SELECT auth.role() AS user_role) = 'authenticated'
    AND (SELECT public.authorize('TABLE_ORDERS_SELECT_ALL') AS is_authorized)
);

CREATE POLICY orders_select_all
ON public.orders
FOR SELECT
TO authenticated
USING (
    (SELECT auth.role() AS user_role) = 'authenticated'
    AND (SELECT public.authorize('TABLE_ORDERS_SELECT_ALL') AS is_authorized)
);

Supabase•4w ago•

2 replies

Despair

auth.role() inside a scoped policy

Solved🟢SQL

Is doing

(SELECT auth.role() AS user_role) = 'authenticated'

(SELECT auth.role() AS user_role) = 'authenticated'

inside a scoped policy redundant?
I could of sworn someone in the past had told me this was some sort of belt and suspenders, maybe was a fever dream.
Something like this:

CREATE POLICY orders_select_all
ON public.orders
FOR SELECT
TO authenticated
USING (
    (SELECT auth.role() AS user_role) = 'authenticated'
    AND (SELECT public.authorize('TABLE_ORDERS_SELECT_ALL') AS is_authorized)
);

CREATE POLICY orders_select_all
ON public.orders
FOR SELECT
TO authenticated
USING (
    (SELECT auth.role() AS user_role) = 'authenticated'
    AND (SELECT public.authorize('TABLE_ORDERS_SELECT_ALL') AS is_authorized)
);

auth.role() inside a scoped policy

Similar Threads

auth.role() inside a scoped policy

Similar Threads

Similar Threads

Similar Threads