From 1aefd3d9a138f349af7fb0d5808644b07b753844 Mon Sep 17 00:00:00 2001 From: patrickwebsdev Date: Sat, 9 Nov 2024 01:33:50 -0300 Subject: [PATCH] security fix: policy post limit per minute --- .../migrations/20241109043158_limit_post_per_minute.sql | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 supabase/migrations/20241109043158_limit_post_per_minute.sql diff --git a/supabase/migrations/20241109043158_limit_post_per_minute.sql b/supabase/migrations/20241109043158_limit_post_per_minute.sql new file mode 100644 index 00000000..a0066b19 --- /dev/null +++ b/supabase/migrations/20241109043158_limit_post_per_minute.sql @@ -0,0 +1,8 @@ +create policy "limit_post_per_minute" +on "public"."help_requests" +as restrictive +for insert +to authenticated +with check ((NOT (EXISTS ( SELECT 1 + FROM help_requests help_requests_1 + WHERE ((help_requests_1.user_id = auth.uid()) AND (help_requests_1.created_at > (now() - '00:01:00'::interval))))))); \ No newline at end of file