mirror of
https://github.com/pacnpal/thrilltrack-explorer.git
synced 2025-12-20 06:51:12 -05:00
36 lines
910 B
SQL
36 lines
910 B
SQL
-- Drop and recreate filtered_profiles view without SECURITY DEFINER
|
|
DROP VIEW IF EXISTS public.filtered_profiles;
|
|
|
|
-- Recreate the view without SECURITY DEFINER
|
|
-- This view should use the querying user's permissions, not the creator's
|
|
CREATE VIEW public.filtered_profiles AS
|
|
SELECT
|
|
p.id,
|
|
p.user_id,
|
|
p.username,
|
|
p.display_name,
|
|
p.bio,
|
|
p.avatar_url,
|
|
p.avatar_image_id,
|
|
p.preferred_pronouns,
|
|
p.show_pronouns,
|
|
p.timezone,
|
|
p.preferred_language,
|
|
p.location_id,
|
|
p.personal_location,
|
|
p.home_park_id,
|
|
p.date_of_birth,
|
|
p.privacy_level,
|
|
p.theme_preference,
|
|
p.ride_count,
|
|
p.coaster_count,
|
|
p.park_count,
|
|
p.review_count,
|
|
p.reputation_score,
|
|
p.created_at,
|
|
p.updated_at,
|
|
p.banned
|
|
FROM public.profiles p;
|
|
|
|
-- Add comment explaining the view's purpose
|
|
COMMENT ON VIEW public.filtered_profiles IS 'Provides access to profile data respecting RLS policies of the querying user'; |