From 3f03928f826d1602b3572881fc1825e3ec7a1bb7 Mon Sep 17 00:00:00 2001 From: Raphael Arce Date: Fri, 11 Oct 2024 16:58:45 +0200 Subject: [PATCH] feat: allow anon to see all profiles Signed-off-by: Raphael Arce --- .../20241011145739_allow_anon_profile_select.sql | 6 ++++++ tests/profiles.test.ts | 8 ++++---- 2 files changed, 10 insertions(+), 4 deletions(-) create mode 100644 supabase/migrations/20241011145739_allow_anon_profile_select.sql diff --git a/supabase/migrations/20241011145739_allow_anon_profile_select.sql b/supabase/migrations/20241011145739_allow_anon_profile_select.sql new file mode 100644 index 00000000..bddd1406 --- /dev/null +++ b/supabase/migrations/20241011145739_allow_anon_profile_select.sql @@ -0,0 +1,6 @@ +create policy "Enable read access for all users" +on "public"."profiles" +as PERMISSIVE +for SELECT +to public +using (true); diff --git a/tests/profiles.test.ts b/tests/profiles.test.ts index 8d2278f2..e613b2fa 100644 --- a/tests/profiles.test.ts +++ b/tests/profiles.test.ts @@ -15,16 +15,16 @@ describe("profiles table", () => { await deleteUsers([users.userId1, users.userId2]); }); - it("should return no profiles when user is not logged in", async () => { + it("should return all profiles when user is not logged in", async () => { const { data, error } = await supabaseAnonClient .from("profiles") .select("*"); expect(error).toBeNull(); expect(data).toBeDefined(); - expect(data!.length).toBe(0); + expect(data!.length).toBe(2); }); - it("should return user's own profile when user is logged in", async () => { + it("should return all profiles when user is logged in", async () => { const { data: data1, error: error1 } = await supabaseAnonClient.auth.signInWithPassword({ email: "user1@test.com", @@ -38,6 +38,6 @@ describe("profiles table", () => { .select("*"); expect(error).toBeNull(); expect(data).toBeDefined(); - expect(data!.length).toBe(1); + expect(data!.length).toBe(2); }); });