Menü
Use when creating or modifying Row Level Security policies
Mit Codex oder Claude installieren Kopieren Sie diesen Prompt, fügen Sie ihn in Codex, Claude oder einen anderen Assistant ein und lassen Sie die Skill-Seite prüfen und installieren.
Basierend auf der SOC-Berufsklassifikation
Use when deploying Cloudflare Workers, managing R2 storage, or working with Cloudflare infrastructure
Use when working with ANTD components, theme tokens, icons, forms, or feedback components (message/notification/modal)
Use when adding, referencing, or serving static assets (images, fonts, videos, 3D models) through the R2 CDN pipeline with type-safe imports
Use when writing or reviewing JavaScript/TypeScript code for style patterns like concise arrows, inline handlers, expression formatting, or when tempted to use eslint-disable
Use when working with environment variables in frontend code
Use when creating or modifying keyboard shortcuts/hotkeys in frontend code
| name | supabase-rls-policies |
| description | Use when creating or modifying Row Level Security policies |
Row Level Security controls which rows users can access. Always enable RLS on tables with user-specific or organization-scoped data.
ALTER TABLE public.projects ENABLE ROW LEVEL SECURITY;
CREATE POLICY "policy_name"
ON schema.table_name
FOR operation -- SELECT, INSERT, UPDATE, DELETE, or ALL
TO authenticated -- REQUIRED: explicit role (never omit)
[USING (condition)] -- For SELECT, UPDATE, DELETE (existing rows)
[WITH CHECK (condition)]; -- For INSERT, UPDATE (new/modified rows)
CREATE POLICY "Organization members can view projects"
ON public.projects FOR SELECT TO authenticated
USING (
EXISTS (
SELECT 1 FROM public.organization_members
WHERE organization_members.organization_id = projects.organization_id
AND organization_members.user_id = (SELECT auth.uid())
)
);
-- User-specific data
CREATE POLICY "Users can read own profile"
ON public.profiles FOR SELECT TO authenticated
USING ((SELECT auth.uid()) = id);
-- Public read, authenticated write
CREATE POLICY "Anyone can read" ON public.posts FOR SELECT TO public USING (true);
CREATE POLICY "Authenticated can create" ON public.posts FOR INSERT TO authenticated
WITH CHECK ((SELECT auth.uid()) = user_id);
Always wrap auth.uid() in SELECT subquery - without it, evaluated per-row (99% slower):
-- ✅ Correct (evaluated once per query)
WHERE user_id = (SELECT auth.uid())
-- ❌ Wrong (evaluated per row - causes 0003_auth_rls_initplan warning)
WHERE user_id = auth.uid()
Real-world impact: 170ms → 178,000ms on 100K rows without optimization.
TO authenticated not omitted (defaults to TO public)(SELECT auth.uid()) - wrapped in subquery for performancecd spark/frontend/my-vite-app && supabase db lint
Check for 0003_auth_rls_initplan warning (auth.uid() not optimized).
Docs: https://supabase.com/docs/guides/database/database-advisors?lint=0003_auth_rls_initplan