userRoles is SupaBroken

justifi · December 16, 2022, 6:59pm

[Using Supabase Auth Plugin]
I made a video demonstrating this bug.
When you create a new userRoles within the WeWeb UI, WeWeb is posting with the following body -

{
    "id": <role.id>,
    "userId": <user_id>,
    "roleId":<role.id>
}

That means that you can’t assign a role to more than 1 person. Which is not what a role is meant to do.

I was very surprised to see no one else had reported this already? Is no one else using the supabase auth plugin? or does no one actually have any users?

I can’t onboard anyone until this gets cleared up - luckily its probably 1 line of code in the plugin. thanks

justifi · December 16, 2022, 9:33pm

Context
assigning a role to a user generates a row in userRoles

What should happen
a new and random userRole.id is generated by postgres default function uuid_generate_v4()

What actually happens
weWeb passes userRoles.roleld as an argument for userRole.id when constructing userRoles

Matthieu · December 17, 2022, 12:10pm

Hey @flo

Is this linked to the bug we found this week where you can only give a role to one user.
When I gave your user an admin role, my user lost it.

Available for testing.

Matth-

IdeaGarage · December 22, 2022, 5:06am

Same for me. I do not use this configure meanwhile.

Topic		Replies	Views
Roles Issue - supabase How do I? authentication , supabase	3	259	July 16, 2024
[BUG] Supabase userRoles table requested too much Ask us anything supabase	3	240	May 26, 2023
User Supabase Role in other use cases as page access Ask us anything authentication	3	332	December 3, 2023
Implementing create new user in auth.users in supabase How do I? authentication , supabase	8	1190	October 12, 2024
Problem with RLS and roles/userRoles table Ask us anything authentication , supabase	2	116	June 10, 2024

userRoles is SupaBroken

Related topics