name: supabase-rls description: >- Supabase RLS 政策規範。Use when creating or modifying RLS policies (CREATE POLICY, ALTER POLICY), setting up Row Level Security, or working with database access control. Always use this skill for RLS design, policy templates, and role-based access patterns.
Supabase RLS 政策規範
service_role 繞過規則已定義在 CLAUDE.md。本 skill 提供完整 RLS 實作指引。
核心原則
使用 Helper 函式
建議建立 helper 函式取代直接查表:
-- ✅ 使用 helper
your_schema.current_user_role()
your_schema.current_user_id()
-- ❌ 直接查表(效能差)
SELECT role FROM your_schema.user_roles WHERE id = auth.uid()
RLS 開啟原則
ALTER TABLE your_schema.new_table ENABLE ROW LEVEL SECURITY;
ALTER TABLE your_schema.new_table FORCE ROW LEVEL SECURITY;
常見問題
| 症狀 | 原因 | 解法 |
|---|---|---|
| Toast 成功但資料沒變 | 缺少 service_role 繞過 | 加上 (SELECT auth.role()) = 'service_role' |
| 查詢回傳空陣列 | RLS 未開放讀取 | 檢查 SELECT policy |
參考資料
| 檔案 | 內容 |
|---|---|
| references/templates.md | Policy 模板 + 角色階層 |
檢查清單
- 包含
(SELECT auth.role()) = 'service_role'繞過 - 使用 helper 函式而非直接查表
- INSERT/UPDATE/DELETE 都有對應 policy
-
supabase db lint --level warning無警告
chat Comments (0)
Sign in to join the discussion and leave a comment.
Skill Details
GitHub Stars
38
GitHub Forks
2
Created
Mar 2026
Last Updated
il y a 3 mois
tools
tools system admin
Related Skills
Build your own?
Join 12,000+ developers contributing to the Claude ecosystem.
No comments yet. Be the first to share your thoughts!