mirror of
https://github.com/pacnpal/thrilltrack-explorer.git
synced 2025-12-20 10:11:13 -05:00
46377152c3
Update the database policy for the admin_audit_log view to allow moderators to access logs without requiring multi-factor authentication, while maintaining strict security for log insertions. Replit-Commit-Author: Agent Replit-Commit-Session-Id: 14a3da17-c084-4611-919e-f0651a496ef3 Replit-Commit-Checkpoint-Type: intermediate_checkpoint Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/7cdf4e95-3f41-4180-b8e3-8ef56d032c0e/14a3da17-c084-4611-919e-f0651a496ef3/cWpfk79
21 lines
907 B
SQL
21 lines
907 B
SQL
-- Fix admin_audit_log view policy to allow viewing without AAL2
|
|
-- Viewing logs is a read-only operation and doesn't require the same
|
|
-- security level as modifying data. We still require moderator role.
|
|
|
|
DROP POLICY IF EXISTS "Admins can view audit log" ON public.admin_audit_log;
|
|
CREATE POLICY "Admins can view audit log"
|
|
ON public.admin_audit_log
|
|
FOR SELECT
|
|
TO authenticated
|
|
USING (
|
|
is_moderator(auth.uid())
|
|
);
|
|
|
|
-- Keep the strict AAL2 requirement for inserting audit logs
|
|
-- (This policy already exists but we're documenting it here for clarity)
|
|
COMMENT ON POLICY "Admins can insert audit log with MFA" ON public.admin_audit_log
|
|
IS 'Requires AAL2 (MFA step-up) for inserting audit logs to ensure high security for write operations';
|
|
|
|
COMMENT ON POLICY "Admins can view audit log" ON public.admin_audit_log
|
|
IS 'Allows moderators to view audit logs without AAL2 since this is a read-only operation';
|