quinta-feira, 16 de maio de 2024

Permitir acessar a table USER do supabase de fora do supabase

add security definer to your function definition so that the function doesn't use the invoking user's permissions (security invoker is the default).

If you define your function with security definer privileges it will work. I used this for a while before switching to get the email from the JWT instead:

-- check if the passed user id is registered and return the email if registered or null if not registered

create or replace function "public"."get_user_email"(p_user_id uuid) returns text

    language "plpgsql"

    security definer

    as $$ 


        return (

            select email from "auth"."users" where id = p_user_id




alter function "public"."get_user_email"(uuid) owner to "postgres"; 

Nenhum comentário:

Postar um comentário