pezkuwichain/pwap
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pwap.git synced 2026-04-22 02:07:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: add storage RLS policies for p2p-payment-proofs bucket

Browse Source 
Allow open INSERT/SELECT/DELETE on p2p-payment-proofs bucket since
users authenticate via wallet identity, not Supabase Auth.
This commit is contained in:
Kurdistan Tech Ministry
2026-02-24 06:28:16 +03:00
parent 607ef72948
commit b8a0d5a5f3
1 changed files with 18 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
web/supabase/migrations/20260224070000_storage_payment_proofs_policy.sql
+18
View File
@@ -0,0 +1,18 @@
-- Storage policies for p2p-payment-proofs bucket
-- Users are wallet-based (no auth.uid()), so policies must be open
-- Proof files auto-expire in 1 day via cleanup-proofs edge function
-- Allow anyone to upload payment proofs
CREATE POLICY "Allow payment proof uploads"
ON storage.objects FOR INSERT
WITH CHECK (bucket_id = 'p2p-payment-proofs');
-- Allow anyone to read payment proofs (public bucket)
CREATE POLICY "Allow payment proof reads"
ON storage.objects FOR SELECT
USING (bucket_id = 'p2p-payment-proofs');
-- Allow deletion (for cleanup-proofs edge function via service role)
CREATE POLICY "Allow payment proof deletes"
ON storage.objects FOR DELETE
USING (bucket_id = 'p2p-payment-proofs');