GHMiranda
/
WebVNWrite
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: allow profile lookup for sharing by adding RLS policy 

The profiles table RLS policies only allowed users to view their own
profile, causing the share feature to fail when searching for users
by email. Added a policy allowing any authenticated user to read profiles.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Gustavo Henrique Santos Souza de Miranda 2026-01-24 02:38:05 -03:00
parent ccb05e3a3e
commit 5b84170a28
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
supabase/migrations/20260124100000_allow_profile_lookup_for_sharing.sql Normal file
View File

@ -0,0 +1,10 @@
-- Migration: Allow authenticated users to look up profiles for sharing
-- Problem: The profiles RLS policies only allow users to see their own profile
-- (or admins to see all). This prevents the sharing feature from finding
-- users by email since the query is blocked by RLS.
-- Solution: Add a SELECT policy allowing any authenticated user to view profiles.
CREATE POLICY "Authenticated users can view profiles"
ON profiles
FOR SELECT
USING (auth.uid() IS NOT NULL);