원클릭으로 Manus에서 모든 스킬 실행

시작하기

supabase-rls-policies

스타0

포크0

업데이트2026년 2월 9일 09:55

Use when creating or modifying Row Level Security policies

설치

Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.

Manus에서 실행

출처

NTQ78

NTQ78/Todo-app

GitHub 저장소 열기 Creator 저장소 보기

다운로드

Manus에서 실행

Supabase Row Level Security (RLS) Policies

Row Level Security controls which rows users can access. Always enable RLS on tables with user-specific or organization-scoped data.

Core Syntax

ALTER TABLE public.projects ENABLE ROW LEVEL SECURITY;

CREATE POLICY "policy_name"
    ON schema.table_name
    FOR operation          -- SELECT, INSERT, UPDATE, DELETE, or ALL
    TO authenticated       -- REQUIRED: explicit role (never omit)
    [USING (condition)]    -- For SELECT, UPDATE, DELETE (existing rows)
    [WITH CHECK (condition)]; -- For INSERT, UPDATE (new/modified rows)

Organization-Scoped Policy Pattern

CREATE POLICY "Organization members can view projects"
    ON public.projects FOR SELECT TO authenticated
    USING (
        EXISTS (
            SELECT 1 FROM public.organization_members
            WHERE organization_members.organization_id = projects.organization_id
            AND organization_members.user_id = (SELECT auth.uid())
        )
    );

Common Patterns

-- User-specific data
CREATE POLICY "Users can read own profile"
    ON public.profiles FOR SELECT TO authenticated
    USING ((SELECT auth.uid()) = id);

-- Public read, authenticated write
CREATE POLICY "Anyone can read" ON public.posts FOR SELECT TO public USING (true);
CREATE POLICY "Authenticated can create" ON public.posts FOR INSERT TO authenticated
    WITH CHECK ((SELECT auth.uid()) = user_id);

⚠️ CRITICAL: Performance Optimization

Always wrap auth.uid() in SELECT subquery - without it, evaluated per-row (99% slower):

-- ✅ Correct (evaluated once per query)
WHERE user_id = (SELECT auth.uid())

-- ❌ Wrong (evaluated per row - causes 0003_auth_rls_initplan warning)
WHERE user_id = auth.uid()

Real-world impact: 170ms → 178,000ms on 100K rows without optimization.

Best Practices

Always use explicit TO clause - TO authenticated not omitted (defaults to TO public)
Use (SELECT auth.uid()) - wrapped in subquery for performance
Create separate policies per operation - SELECT, INSERT, UPDATE, DELETE
Use EXISTS subqueries for organization/membership checks
Add indexes on policy columns - critical for performance
Test policies - as authenticated and anonymous users

Verification

cd spark/frontend/my-vite-app && supabase db lint

Check for 0003_auth_rls_initplan warning (auth.uid() not optimized).

Docs: https://supabase.com/docs/guides/database/database-advisors?lint=0003_auth_rls_initplan

이 저장소의 다른 Skills

같은 저장소

cloudflare-wrangler-cli

NTQ78/Todo-app

Use when deploying Cloudflare Workers, managing R2 storage, or working with Cloudflare infrastructure

2026-02-090

frontend-antd-components

NTQ78/Todo-app

Use when working with ANTD components, theme tokens, icons, forms, or feedback components (message/notification/modal)

2026-02-090

frontend-asset-management

NTQ78/Todo-app

Use when adding, referencing, or serving static assets (images, fonts, videos, 3D models) through the R2 CDN pipeline with type-safe imports

2026-02-090

frontend-code-style

NTQ78/Todo-app

Use when writing or reviewing JavaScript/TypeScript code for style patterns like concise arrows, inline handlers, expression formatting, or when tempted to use eslint-disable

2026-02-090

frontend-environment-variables

NTQ78/Todo-app

Use when working with environment variables in frontend code

2026-02-090

frontend-hotkeys

NTQ78/Todo-app

Use when creating or modifying keyboard shortcuts/hotkeys in frontend code

2026-02-090

Supabase Row Level Security (RLS) Policies

Row Level Security controls which rows users can access. Always enable RLS on tables with user-specific or organization-scoped data.

Core Syntax

ALTER TABLE public.projects ENABLE ROW LEVEL SECURITY; CREATE POLICY "policy_name" ON schema.table_name FOR operation -- SELECT, INSERT, UPDATE, DELETE, or ALL TO authenticated -- REQUIRED: explicit role (never omit) [USING (condition)] -- For SELECT, UPDATE, DELETE (existing rows) [WITH CHECK (condition)]; -- For INSERT, UPDATE (new/modified rows)

Organization-Scoped Policy Pattern

CREATE POLICY "Organization members can view projects" ON public.projects FOR SELECT TO authenticated USING ( EXISTS ( SELECT 1 FROM public.organization_members WHERE organization_members.organization_id = projects.organization_id AND organization_members.user_id = (SELECT auth.uid()) ) );

Common Patterns

-- User-specific data CREATE POLICY "Users can read own profile" ON public.profiles FOR SELECT TO authenticated USING ((SELECT auth.uid()) = id); -- Public read, authenticated write CREATE POLICY "Anyone can read" ON public.posts FOR SELECT TO public USING (true); CREATE POLICY "Authenticated can create" ON public.posts FOR INSERT TO authenticated WITH CHECK ((SELECT auth.uid()) = user_id);

⚠️ CRITICAL: Performance Optimization

Always wrap auth.uid() in SELECT subquery - without it, evaluated per-row (99% slower):

-- ✅ Correct (evaluated once per query) WHERE user_id = (SELECT auth.uid()) -- ❌ Wrong (evaluated per row - causes 0003_auth_rls_initplan warning) WHERE user_id = auth.uid()

Real-world impact: 170ms → 178,000ms on 100K rows without optimization.

Best Practices

Always use explicit TO clause - TO authenticated not omitted (defaults to TO public)

Use (SELECT auth.uid()) - wrapped in subquery for performance

Create separate policies per operation - SELECT, INSERT, UPDATE, DELETE

Use EXISTS subqueries for organization/membership checks

Add indexes on policy columns - critical for performance

Test policies - as authenticated and anonymous users

Verification

cd spark/frontend/my-vite-app && supabase db lint

Check for 0003_auth_rls_initplan warning (auth.uid() not optimized).

name	supabase-rls-policies
description	Use when creating or modifying Row Level Security policies