Fix: Infinite recursion in team_members RLS (Phase 8 Governance)
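--- a/database/fix_teams_rls_governance.sql
+++ b/database/fix_teams_rls_governance.sql
@@ -16,11 +16,7 @@ CREATE POLICY "Teams are readable by members" ON public.teams
 FOR SELECT TO authenticated
 USING (
 created_by = auth.uid()
-OR
-SELECT 1 FROM public.team_members
-WHERE team_members.team_id = id
-AND team_members.user_id = auth.uid()
-)
+OR public.is_team_member(id)
 );
 
 -- 4. Re-implement Team Members Select Policy
@@ -28,11 +24,8 @@ CREATE POLICY "Teams are readable by members" ON public.teams
 CREATE POLICY "Team members are readable by team" ON public.team_members
 FOR SELECT TO authenticated
 USING (
-
-
-WHERE m.team_id = team_members.team_id
-AND m.user_id = auth.uid()
-)
+user_id = auth.uid()
+OR public.is_team_member(team_id)
 );
 
 -- 5. Ensure the is_team_member function is robust and uses search_path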
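Review bot: Both rewritten policies now depend on `public.is_team_member()`, whose definition is outside these hunks, and the `team_members` policy at new lines 27-28 only stops recursing if that function reads `team_members` without re-entering this same policy. That normally means `SECURITY DEFINER` owned by a role exempt from RLS on the table; as `SECURITY INVOKER`, or with `FORCE ROW LEVEL SECURITY` set on the table, the inner lookup would presumably evaluate this policy again. Because a definer function runs with its owner's rights, it should pin `search_path` and take the user from `auth.uid()` internally rather than from an argument. I would record that contract above the policy, e.g. `-- is_team_member() must stay SECURITY DEFINER with a fixed search_path; as SECURITY INVOKER this policy recurses.`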