Skip to content

Commit e6527e3

Browse files
authored
chore: grant DML on public tables to API roles in test schema migration (#121)
1 parent 726dbd8 commit e6527e3

1 file changed

Lines changed: 13 additions & 1 deletion

File tree

supabase/migrations/1749515112_schema.sql

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -194,4 +194,16 @@ alter default privileges in schema personal grant all on tables to postgres, ano
194194
alter default privileges in schema personal grant all on functions to postgres, anon, authenticated, service_role;
195195
alter default privileges in schema personal grant all on sequences to postgres, anon, authenticated, service_role;
196196

197-
GRANT ALL PRIVILEGES ON TABLE personal.users TO postgres, anon, authenticated, service_role;
197+
GRANT ALL PRIVILEGES ON TABLE personal.users TO postgres, anon, authenticated, service_role;
198+
199+
-- Tables created by the `postgres` role in the `public` schema no longer inherit
200+
-- SELECT/INSERT/UPDATE/DELETE for the API roles under current Supabase CLI default privileges
201+
-- (https://supabase.com/changelog/45329-breaking-change-tables-not-exposed-to-data-and-graphql-api-automatically),
202+
-- so the privileges must be granted explicitly.
203+
grant select, insert, update, delete on all tables in schema public to anon, authenticated, service_role;
204+
grant usage, select on all sequences in schema public to anon, authenticated, service_role;
205+
grant execute on all functions in schema public to anon, authenticated, service_role;
206+
207+
alter default privileges in schema public grant select, insert, update, delete on tables to anon, authenticated, service_role;
208+
alter default privileges in schema public grant usage, select on sequences to anon, authenticated, service_role;
209+
alter default privileges in schema public grant execute on functions to anon, authenticated, service_role;

0 commit comments

Comments
 (0)