diff --git a/SQL Scripts/policies/layer_contexts.sql b/SQL Scripts/policies/layer_contexts.sql index 985b42f..c7d0605 100644 --- a/SQL Scripts/policies/layer_contexts.sql +++ b/SQL Scripts/policies/layer_contexts.sql @@ -5,7 +5,7 @@ CREATE POLICY "Users with correct policies can SELECT on layer_contexts" ON publ is_archived IS FALSE AND ( public.check_action_policy_organization(auth.uid(), 'layer_contexts', 'SELECT') OR public.check_action_policy_project_from_context(auth.uid(), 'layer_contexts', 'SELECT', context_id) OR - public.check_action_policy_layer(auth.uid(), 'layer_contexts', 'SELECT', layer_id) + public.check_action_policy_layer_select(auth.uid(), 'layer_contexts', layer_id) ) ); diff --git a/supabase/migrations/20240711184827_fixing_read_only_base_layer.sql b/supabase/migrations/20240711184827_fixing_read_only_base_layer.sql new file mode 100644 index 0000000..99df354 --- /dev/null +++ b/supabase/migrations/20240711184827_fixing_read_only_base_layer.sql @@ -0,0 +1,11 @@ +drop policy "Users with correct policies can SELECT on layer_contexts" on "public"."layer_contexts"; + +create policy "Users with correct policies can SELECT on layer_contexts" +on "public"."layer_contexts" +as permissive +for select +to authenticated +using (((is_archived IS FALSE) AND (check_action_policy_organization(auth.uid(), 'layer_contexts'::character varying, 'SELECT'::operation_types) OR check_action_policy_project_from_context(auth.uid(), 'layer_contexts'::character varying, 'SELECT'::operation_types, context_id) OR check_action_policy_layer_select(auth.uid(), 'layer_contexts'::character varying, layer_id)))); + + +