mirror of
https://github.com/pacnpal/thrilltrack-explorer.git
synced 2025-12-20 10:31:13 -05:00
45 lines
1.1 KiB
PL/PgSQL
45 lines
1.1 KiB
PL/PgSQL
-- Fix #1: Correct user_roles RLS policy to allow authenticated users to view their own roles
|
|
DROP POLICY IF EXISTS "Users can view their own roles" ON public.user_roles;
|
|
|
|
CREATE POLICY "Users can view their own roles"
|
|
ON public.user_roles
|
|
FOR SELECT
|
|
TO authenticated
|
|
USING (auth.uid() = user_id);
|
|
|
|
-- Fix #2: Drop and recreate get_my_sessions() if it exists with correct return type
|
|
DROP FUNCTION IF EXISTS public.get_my_sessions();
|
|
|
|
CREATE OR REPLACE FUNCTION public.get_my_sessions()
|
|
RETURNS TABLE (
|
|
id uuid,
|
|
created_at timestamptz,
|
|
updated_at timestamptz,
|
|
refreshed_at timestamp,
|
|
user_agent text,
|
|
ip text,
|
|
not_after timestamptz,
|
|
aal text
|
|
)
|
|
LANGUAGE plpgsql
|
|
SECURITY DEFINER
|
|
SET search_path = auth, public
|
|
AS $$
|
|
BEGIN
|
|
RETURN QUERY
|
|
SELECT
|
|
s.id,
|
|
s.created_at,
|
|
s.updated_at,
|
|
s.refreshed_at,
|
|
s.user_agent,
|
|
public.hash_session_ip(s.ip) as ip,
|
|
s.not_after,
|
|
s.aal::text
|
|
FROM auth.sessions s
|
|
WHERE s.user_id = auth.uid()
|
|
ORDER BY s.refreshed_at DESC NULLS LAST;
|
|
END;
|
|
$$;
|
|
|
|
GRANT EXECUTE ON FUNCTION public.get_my_sessions() TO authenticated; |