fix: resolve RLS infinite recursion in tastings and sessions

2025-12-18 11:24:04 +01:00
parent e6974cd060
commit 5923dd0474
4 changed files with 24 additions and 18 deletions


@@ -64,10 +64,11 @@ CREATE TABLE IF NOT EXISTS tasting_sessions (
created_at TIMESTAMP WITH TIME ZONE DEFAULT timezone('Europe/Berlin'::text, now())
);
-- Session Participants junction
-- Session Participants junction (updated with user_id to avoid RLS recursion)
CREATE TABLE IF NOT EXISTS session_participants (
session_id UUID REFERENCES tasting_sessions(id) ON DELETE CASCADE NOT NULL,
buddy_id UUID REFERENCES buddies(id) ON DELETE CASCADE NOT NULL,
user_id UUID REFERENCES profiles(id) ON DELETE CASCADE NOT NULL, -- The owner of the session
PRIMARY KEY (session_id, buddy_id)
);
@@ -85,10 +86,11 @@ CREATE TABLE IF NOT EXISTS tastings (
created_at TIMESTAMP WITH TIME ZONE DEFAULT timezone('Europe/Berlin'::text, now())
);
-- Tasting Tagging (to tag buddies in a tasting)
-- Tasting Tagging (updated with user_id to avoid RLS recursion)
CREATE TABLE IF NOT EXISTS tasting_tags (
tasting_id UUID REFERENCES tastings(id) ON DELETE CASCADE NOT NULL,
buddy_id UUID REFERENCES buddies(id) ON DELETE CASCADE NOT NULL,
user_id UUID REFERENCES profiles(id) ON DELETE CASCADE NOT NULL, -- The owner of the tasting
PRIMARY KEY (tasting_id, buddy_id)
);
@@ -160,10 +162,8 @@ CREATE POLICY "Users can see sessions they participate in" ON tasting_sessions
-- Policies for Session Participants
ALTER TABLE session_participants ENABLE ROW LEVEL SECURITY;
CREATE POLICY "Users can manage participants of their sessions" ON session_participants
FOR ALL USING (
session_id IN (SELECT id FROM tasting_sessions WHERE user_id = auth.uid())
);
CREATE POLICY "Users can manage their own session participants" ON session_participants
FOR ALL USING (auth.uid() = user_id);
CREATE POLICY "Participants can see session membership" ON session_participants
FOR SELECT USING (
buddy_id IN (SELECT id FROM buddies WHERE buddy_profile_id = auth.uid())
@@ -171,10 +171,8 @@ CREATE POLICY "Participants can see session membership" ON session_participants
-- Policies for Tasting Tags
ALTER TABLE tasting_tags ENABLE ROW LEVEL SECURITY;
CREATE POLICY "Users can manage tags on their tastings" ON tasting_tags
FOR ALL USING (
tasting_id IN (SELECT id FROM tastings WHERE user_id = auth.uid())
);
CREATE POLICY "Users can manage their own tasting tags" ON tasting_tags
FOR ALL USING (auth.uid() = user_id);
CREATE POLICY "Tagged users can see the tags" ON tasting_tags
FOR SELECT USING (
buddy_id IN (SELECT id FROM buddies WHERE buddy_profile_id = auth.uid())
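Review bot: The replacement policies `FOR ALL USING (auth.uid() = user_id)` on session_participants and tasting_tags check only the row's own user_id column, and nothing visible in this file ties that column to the owner of the referenced session or tasting. A FOR ALL policy with no WITH CHECK applies its USING expression to inserted and updated rows too, so a signed-in user can write a row carrying their own id as user_id against a session_id or tasting_id that belongs to someone else, which the removed subquery policies prevented. Such a row would also occupy the (session_id, buddy_id) or (tasting_id, buddy_id) key while staying invisible to the real owner under this policy. One fix that still avoids the recursion is to let the schema enforce ownership: `UNIQUE (id, user_id)` on tasting_sessions plus `FOREIGN KEY (session_id, user_id) REFERENCES tasting_sessions (id, user_id) ON DELETE CASCADE` on session_participants, and the same pair for tastings and tasting_tags. The final policy in the last hunk continues past the visible lines.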