You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 lines
1.6 KiB
38 lines
1.6 KiB
-- Run this in Supabase SQL Editor if you get "Bucket not found" when saving profile with avatar.
|
|
-- If the INSERT fails (e.g. "relation storage.buckets does not exist" or column errors),
|
|
-- create the bucket in Dashboard: Storage → New bucket → name "avatars", Public ON.
|
|
|
|
-- 1) Create the bucket
|
|
INSERT INTO storage.buckets (id, name, public, file_size_limit, allowed_mime_types)
|
|
VALUES (
|
|
'avatars',
|
|
'avatars',
|
|
true,
|
|
2097152,
|
|
ARRAY['image/jpeg', 'image/png', 'image/gif', 'image/webp']
|
|
)
|
|
ON CONFLICT (id) DO NOTHING;
|
|
|
|
-- 2) RLS policies so users can upload to their own folder and everyone can read
|
|
DROP POLICY IF EXISTS "Users can upload own avatar" ON storage.objects;
|
|
DROP POLICY IF EXISTS "Users can update own avatar" ON storage.objects;
|
|
DROP POLICY IF EXISTS "Users can delete own avatar" ON storage.objects;
|
|
DROP POLICY IF EXISTS "Avatar images are publicly readable" ON storage.objects;
|
|
|
|
CREATE POLICY "Users can upload own avatar"
|
|
ON storage.objects FOR INSERT TO authenticated
|
|
WITH CHECK (bucket_id = 'avatars' AND (storage.foldername(name))[1] = (auth.jwt()->>'sub'));
|
|
|
|
CREATE POLICY "Users can update own avatar"
|
|
ON storage.objects FOR UPDATE TO authenticated
|
|
USING (bucket_id = 'avatars' AND (storage.foldername(name))[1] = (auth.jwt()->>'sub'))
|
|
WITH CHECK (bucket_id = 'avatars' AND (storage.foldername(name))[1] = (auth.jwt()->>'sub'));
|
|
|
|
CREATE POLICY "Users can delete own avatar"
|
|
ON storage.objects FOR DELETE TO authenticated
|
|
USING (bucket_id = 'avatars' AND (storage.foldername(name))[1] = (auth.jwt()->>'sub'));
|
|
|
|
CREATE POLICY "Avatar images are publicly readable"
|
|
ON storage.objects FOR SELECT TO public
|
|
USING (bucket_id = 'avatars');
|