Move set owner to null

[wdavidw]

Bug report

While upgrading our application with the latest Docker files, we encountered a few issues:

• A change of behavior where the object is no longer updated. This is cover in issues #359 and #427. While a comment mentions that "conceptually objects are immutable", functionally speaking, they are moved. A philosophical question one would argue but the function is called moved, not remove + upload. This change of behavior breaks our trigger functions but we could deal with it.

• What really concern us in this issue is moving an existing file. With the upload call, the owner field is correctly associated to the user of the supabase client. However, the move call set the owner field to null. For this, we have no workaround and shall be treated as a bug.

• [x] I confirm this is a bug with Supabase, not with my own application.

• [x] I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

When using supabase.storage.from(...).move, the owner field is set to null.

To Reproduce

This is how to reproduce the bug

await Promise.all(files.map( async file => {
  Promise.resolve()
  .then(async() => {
    const { data, error } = await supabaseClient
      .storage.from('kb_document_assets')
      .upload(
          `staging/${user.id}/${file.name}`,
          file
        )
    console.log('upload', data, error)
    return data
  })
  .then(async(upload) => {
    const { data, error } = await supabaseClient
      .storage.from('kb_document_assets')
      .move(
          upload.path,
          upload.path+'.test'
        )
    console.log('move', data, error)
  })
}))

From the studio console, the owner field is now null.

Expected behavior

The owner field should be associated with the Supabase client authenticated user.

System information

Our packages.json file includes

{...
    "@supabase/auth-helpers-nextjs": "^0.9.0",
    "@supabase/auth-helpers-react": "^0.4.2",
    "@supabase/ssr": "^0.1.0",
    "@supabase/supabase-js": "^2.39.3",
...}

Here are the container image versions:

• supabase/studio:20240101-8e4a094
• kong:2.8.1
• supabase/gotrue:v2.132.3
• postgrest/postgrest:v12.0.1
• supabase/realtime:v2.25.50
• supabase/storage-api:v0.43.11
• supabase/postgres-meta:v0.75.0
• supabase/postgres:15.1.0.147

Additional context

We are using the file storage backend.

I do not think my policy is to blame, it is also working fine with the previous version (around march 2023):

CREATE POLICY "Project assets are administered with document access."
  ON "storage"."objects"
  AS PERMISSIVE FOR ALL TO public
  USING (
    bucket_id = 'kb_document_assets' and auth.uid() IS NOT NULL
  )
  WITH CHECK (
    bucket_id = 'kb_document_assets' and auth.uid() IS NOT NULL
  );

[fenos]

This is now fixed