Skip to content

Commit

Permalink
fix: new way to decided when to bypass RLS in the policy
Browse files Browse the repository at this point in the history
  • Loading branch information
@adityathebe
adityathebe committed Nov 22, 2024
1 parent 8320430 commit af363f0
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions views/034_rls_enable.sql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ CREATE POLICY config_items_auth ON config_items
USING (
CASE WHEN (
current_setting('request.jwt.claims', TRUE) IS NULL
OR (current_setting('request.jwt.claims', TRUE)::jsonb ->> 'tags' IS NULL AND current_setting('request.jwt.claims', TRUE)::jsonb ->> 'agents' IS NULL)
OR current_setting('request.jwt.claims', TRUE)::jsonb ->> 'disable_rls' IS NOT NULL
)
THEN TRUE
ELSE (
Expand All @@ -51,7 +51,7 @@ CREATE POLICY config_changes_auth ON config_changes
USING (
CASE WHEN (
current_setting('request.jwt.claims', TRUE) IS NULL
OR (current_setting('request.jwt.claims', TRUE)::jsonb ->> 'tags' IS NULL AND current_setting('request.jwt.claims', TRUE)::jsonb ->> 'agents' IS NULL)
OR current_setting('request.jwt.claims', TRUE)::jsonb ->> 'disable_rls' IS NOT NULL
)
THEN TRUE
ELSE EXISTS (
Expand All @@ -73,7 +73,7 @@ CREATE POLICY config_analysis_auth ON config_analysis
USING (
CASE WHEN (
current_setting('request.jwt.claims', TRUE) IS NULL
OR (current_setting('request.jwt.claims', TRUE)::jsonb ->> 'tags' IS NULL AND current_setting('request.jwt.claims', TRUE)::jsonb ->> 'agents' IS NULL)
OR current_setting('request.jwt.claims', TRUE)::jsonb ->> 'disable_rls' IS NOT NULL
)
THEN TRUE
ELSE EXISTS (
Expand All @@ -95,7 +95,7 @@ CREATE POLICY components_auth ON components
USING (
CASE WHEN (
current_setting('request.jwt.claims', TRUE) IS NULL
OR (current_setting('request.jwt.claims', TRUE)::jsonb ->> 'tags' IS NULL AND current_setting('request.jwt.claims', TRUE)::jsonb ->> 'agents' IS NULL)
OR current_setting('request.jwt.claims', TRUE)::jsonb ->> 'disable_rls' IS NOT NULL
)
THEN TRUE
ELSE (
Expand Down

0 comments on commit af363f0

Please sign in to comment.