In several lints, we hard coded the public schema as the schema that is exposed over APIs.
The schema/s exposed over APIs is actually configurable so linting behavior was incorrect when defaults were overridden.
The best solution would be to use the value from current_setting('pgrst.db_schemas'), but that currently is not used in hosted Supabase
A middle ground solution is to check the permissions of the anon and authenticated roles since they must be explicitly granted access to anything outside of public. Its an imperfect proxy, but there is also no reason to grant API roles more permissions than are necessary so we can effectively restrict access in this way.
What kind of change does this PR introduce?
In several lints, we hard coded the
public
schema as the schema that is exposed over APIs.The schema/s exposed over APIs is actually configurable so linting behavior was incorrect when defaults were overridden.
The best solution would be to use the value from
current_setting('pgrst.db_schemas')
, but that currently is not used in hosted SupabaseA middle ground solution is to check the permissions of the
anon
andauthenticated
roles since they must be explicitly granted access to anything outside ofpublic
. Its an imperfect proxy, but there is also no reason to grant API roles more permissions than are necessary so we can effectively restrict access in this way.