Hi I need urgent help!
Hi I need urgent help!
I've built an AI Assistant on Flutter Flow using Buildship and Open AI. It personalises responses based on user data stored in Supabase. I've installed RLS, but it won't read the data when I do an API call. When I make the RLS readable to every authorised user, it doesn't filter for just the user ID. How do I fix this ASAP? My app is now down as my assistant was reading the wrong data. Urgent help please so my app starts working again for active users
4 Replies
To address the issue with Row-Level Security (RLS) in Supabase and ensure that your AI Assistant reads the correct user-specific data, you need to configure RLS policies properly.
1. Ensure RLS Policy is Enabled:
Make sure that RLS is enabled on the table where user data is stored.
2. Create a Policy for User-Specific Data:
You need to create a policy that allows users to access only their own data. This typically involves writing a policy that checks if the user making the API call matches the user ID in the row.
Here is a general approach to creating such a policy:
- Define the Policy: Create a policy that ensures only the owner of the data can read it.
- Check for Authenticated Users: Ensure the policy checks for authenticated users and matches the user ID.
Since I cannot provide specific code snippets, please refer to the Supabase documentation for detailed steps on creating RLS policies.
For more detailed guidance, please submit your query via the in-app support button in Buildship.
For further reading on RLS policies in Supabase, you might find the Supabase documentation helpful:
- Supabase Row Level Security (RLS) Policies
If you need specific Buildship-related documentation, please submit via the in-app support button.
Row Level Security | Supabase Docs
Secure your data using Postgres Row Level Security.
Hi @Joy, Could you please submit your workflow via the in-app support form? https://docs.buildship.com/support-messages. So we can take a look and help you fix the workflow.
Also, the second screenshot of your Supabase RLS policy, shows that the Read Access is not enabled due to which the user ID is not able to be retrieved when passed from the client to BuildShip. Also, it shows it failed to update the policy due to a syntax error. you'll be required to fix the syntax error and save the RLS policy again with Read access enabled.
Hello thank you for responding. I’ve just replied via the in app support. Please help asap. Users can’t use the app whilst RLS isn’t working and I have active users
I've sent you an email with loom explaining the issue and solution and remix for the fix.