Mmetụta
Ndị na-awakpo nwere ike gafere mgbagha ngwa iji gụọ, melite ma ọ bụ hichapụ ndekọ dị na nchekwa data ma ọ bụrụ na akwadoghị ọkwa ọkwa ọkwa (RLS) nke ọma [S1]. Nke a na-ebutekarị ikpughe ozi njirimara nkeonwe (PII) ma ọ bụ data ngwa dị nro nye ndị ọrụ nwere naanị igodo API ọha na-amaghị aha.
Ihe kpatara ya
Supabase na-eji Postgres Row Level Security iji jikwaa ịnweta data na ọkwa nchekwa data, nke bụ isi maka ịchekwa data [S1]. Na gburugburu Next.js, ndị mmepe ga-emepụtarịrị onye ahịa Supabase nke na-ejikwa kuki na nnọkọ n'ụzọ ziri ezi iji dokwaa nchekwa n'oge ntụgharị [S2]. Ọdịmma na-ebilite mgbe:
- A na-emepụta tebụl na-enweghị ike RLS, na-eme ka ha nweta ya site na igodo anon ọha [S1].
- A na-ahazi onye ahịa Supabase na Next.js, na-agaghị agafe akara njirimara njirimara na nchekwa data [S2].
- Ndị mmepe na-eji igodo
service_rolena mberede na koodu ndị ahịa, nke na-agafe iwu RLS [S1].
Concrete ndozi
- Kwado RLS: Gbaa mbọ hụ na agbanyere nchekwa ọkwa ọkwa maka tebụl ọ bụla dị na Supabase nchekwa data [S1].
- Kọwaa amụma: Mepụta atumatu Postgres akọwapụtara maka
SELECT,INSERT,UPDATE, naDELETEarụmọrụ iji gbochie ịnweta UID dabere na ọrụ onye ọrụ. [S1]. - Jiri ndị ahịa SSR: Tinye ngwungwu
@supabase/ssriji mepụta ndị ahịa na Next.js nke jikwaa nyocha n'akụkụ sava na nkwụsi ike nke oge [S2].
Kedu ka FixVibe si nwalee ya
FixVibe ekpuchilarị nke a site na ngwa etinyere na nlele repo. Modul baas.supabase-rls nke na-agafe agafe na-achọpụta Supabase URL na ụzọ abụọ na-abụghị isi sitere na ngwugwu Javascript sitere na otu, na-ajụ PostgREST maka metadata tebụl ọha, ma na-ahọrọ naanị ịgụ naanị iji kwado mkpughe data amaghị aha na-enweghị mgbanwe data ndị ahịa. Nyochaa Repo na-agba ọsọ repo.supabase.missing-rls iji ọkọlọtọ Mbugharị SQL na-emepụta tebụl ọha na-enweghị ENABLE ROW LEVEL SECURITY, na nyocha nzuzo na-achọ ikpughe igodo ọrụ tupu ọ erute ihe nchọgharị ahụ.