mirror of
https://github.com/pezkuwichain/pwap.git
synced 2026-04-22 09:07:55 +00:00
pezkuwichain
9bad24bc84
Allow open INSERT/SELECT/DELETE on p2p-payment-proofs bucket since users authenticate via wallet identity, not Supabase Auth.
19 lines
719 B
SQL
19 lines
719 B
SQL
-- Storage policies for p2p-payment-proofs bucket
|
|
-- Users are wallet-based (no auth.uid()), so policies must be open
|
|
-- Proof files auto-expire in 1 day via cleanup-proofs edge function
|
|
|
|
-- Allow anyone to upload payment proofs
|
|
CREATE POLICY "Allow payment proof uploads"
|
|
ON storage.objects FOR INSERT
|
|
WITH CHECK (bucket_id = 'p2p-payment-proofs');
|
|
|
|
-- Allow anyone to read payment proofs (public bucket)
|
|
CREATE POLICY "Allow payment proof reads"
|
|
ON storage.objects FOR SELECT
|
|
USING (bucket_id = 'p2p-payment-proofs');
|
|
|
|
-- Allow deletion (for cleanup-proofs edge function via service role)
|
|
CREATE POLICY "Allow payment proof deletes"
|
|
ON storage.objects FOR DELETE
|
|
USING (bucket_id = 'p2p-payment-proofs');
|