-- Turn on row-level security for public.rate_limits. From here on, roles that
-- do not bypass RLS can only reach rows that a policy on this table permits.
-- Note: the table owner is not subject to these policies unless
-- FORCE ROW LEVEL SECURITY is also set (it is not set in this file).
ALTER TABLE public.rate_limits
    ENABLE ROW LEVEL SECURITY;
-- Read access: a signed-in user sees only the rate-limit rows whose user_id
-- equals their own auth.uid(); rows belonging to other users are filtered out.
CREATE POLICY "Users can view their own rate limits"
    ON public.rate_limits
    FOR SELECT
    TO authenticated
    USING (auth.uid() = user_id);
-- Insert access for the authenticated role, limited to rows that carry the
-- caller's own user_id. The original note says writes are handled by the
-- check_rate_limit function, which is not visible in this file.
-- NOTE(review): despite the "System" name, this policy applies to every
-- signed-in user, so a client can insert its own rate_limits rows directly.
-- If check_rate_limit runs with definer rights that bypass RLS, this policy
-- may be unnecessary -- confirm, and drop it if so.
CREATE POLICY "System can insert rate limits"
    ON public.rate_limits
    FOR INSERT
    TO authenticated
    WITH CHECK (auth.uid() = user_id);
-- Update access for the authenticated role, limited to the caller's own rows.
-- WITH CHECK repeats the USING predicate, which is what PostgreSQL applies
-- anyway when an UPDATE policy omits it; it is spelled out so the constraint
-- on the updated row's user_id is visible.
-- NOTE(review): despite the "System" name, any signed-in user can modify the
-- columns of their own rows (window_start included), which may let a client
-- alter the state the rate limiter relies on. If check_rate_limit bypasses
-- RLS, consider removing direct UPDATE access -- confirm against that function.
CREATE POLICY "System can update rate limits"
    ON public.rate_limits
    FOR UPDATE
    TO authenticated
    USING (auth.uid() = user_id)
    WITH CHECK (auth.uid() = user_id);
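-- Cleanup: a signed-in user may delete rate-limit rows whose window started
-- more than 24 hours ago, but only rows that belong to them.
-- The user_id predicate keeps one account from deleting another account's
-- rows; with the age test alone, any authenticated user could remove every
-- other user's rows older than 24 hours.
-- Table-wide cleanup should run under a role that bypasses RLS (or a
-- SECURITY DEFINER function owned by one), not through this policy.
CREATE POLICY "System can delete old rate limits"
    ON public.rate_limits
    FOR DELETE
    TO authenticated
    USING (
        user_id = auth.uid()
        AND window_start < now() - interval '24 hours'
    );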