-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathSETUP_STORAGE_POLICIES.sql
More file actions
74 lines (61 loc) · 2.28 KB
/
SETUP_STORAGE_POLICIES.sql
File metadata and controls
74 lines (61 loc) · 2.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
-- =====================================================
-- Supabase Storage Policies Setup
--
-- Run this SQL in Supabase Dashboard → SQL Editor
-- =====================================================
-- 1. Allow PUBLIC upload (untuk migration script)
-- Note: Ganti ke authenticated setelah migration selesai!
CREATE POLICY "Allow public upload during migration"
ON storage.objects FOR INSERT
TO public
WITH CHECK (bucket_id = 'libere-books');
-- 2. Allow PUBLIC read (untuk migration script)
-- Note: Ganti ke authenticated setelah migration selesai!
CREATE POLICY "Allow public read during migration"
ON storage.objects FOR SELECT
TO public
USING (bucket_id = 'libere-books');
-- 3. Allow PUBLIC update (optional, untuk overwrite files)
CREATE POLICY "Allow public update during migration"
ON storage.objects FOR UPDATE
TO public
USING (bucket_id = 'libere-books')
WITH CHECK (bucket_id = 'libere-books');
-- 4. Allow PUBLIC delete (optional, untuk cleanup)
CREATE POLICY "Allow public delete during migration"
ON storage.objects FOR DELETE
TO public
USING (bucket_id = 'libere-books');
-- =====================================================
-- AFTER MIGRATION: Replace with secure policies
-- =====================================================
-- Run these commands AFTER migration completes:
/*
-- Drop temporary public policies
DROP POLICY IF EXISTS "Allow public upload during migration" ON storage.objects;
DROP POLICY IF EXISTS "Allow public read during migration" ON storage.objects;
DROP POLICY IF EXISTS "Allow public update during migration" ON storage.objects;
DROP POLICY IF EXISTS "Allow public delete during migration" ON storage.objects;
-- Create secure authenticated-only policies
CREATE POLICY "Allow authenticated upload"
ON storage.objects FOR INSERT
TO authenticated
WITH CHECK (bucket_id = 'libere-books');
CREATE POLICY "Allow authenticated read"
ON storage.objects FOR SELECT
TO authenticated
USING (bucket_id = 'libere-books');
CREATE POLICY "Allow authenticated update"
ON storage.objects FOR UPDATE
TO authenticated
USING (bucket_id = 'libere-books')
WITH CHECK (bucket_id = 'libere-books');
-- Admin delete only (optional)
CREATE POLICY "Admin delete only"
ON storage.objects FOR DELETE
TO authenticated
USING (
bucket_id = 'libere-books'
AND auth.jwt() ->> 'role' = 'admin'
);
*/