pacnpal/thrilltrack-explorer
1
0
Fork 0
mirror of https://github.com/pacnpal/thrilltrack-explorer.git synced 2025-12-20 16:11:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix SECURITY DEFINER on views

Browse Source
This commit is contained in:
gpt-engineer-app[bot]
2025-10-12 14:07:12 +00:00
parent 846c8ec7c0
commit 21ba87a664
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
supabase/migrations/20251012140656_6afd3694-2db5-4fb2-be7c-bb4967f62133.sql Normal file
View File

@@ -0,0 +1,5 @@
-- Set filtered_profiles view to use security_invoker
-- This makes the view execute with the permissions of the invoking user, not the creator
ALTER VIEW public.filtered_profiles SET (security_invoker = true);
COMMENT ON VIEW public.filtered_profiles IS 'Profile view with field-level privacy controls using security_invoker. Uses security definer functions for granular permission checks but view respects querying user context.';