mirror of
https://github.com/Memo-2023/mana-monorepo.git
synced 2026-05-17 07:19:39 +02:00
88e3adb9d3
Adds the second RLS policy needed for shared spaces. Users can read rows in any space they're a member of, in addition to their own rows. Changes: - New policy sync_changes_space_member_read (SELECT only) uses app.current_user_space_ids session config: rows with space_id in that comma-separated list pass RLS. - WITH CHECK is not extended — writes still require user_id match, so only the author can write. Members read, owner/author writes. - withUser() is now a thin wrapper around withUserAndMemberships(), which accepts the caller's Space membership list and sets the new session config alongside app.current_user_id. - The comma-join is empty-filtered so stray blank entries can't match rows with literal empty space_id (defense in depth). Forward-compatible: today every space has exactly one member (the author), so the membership list is always empty and the new policy is a no-op — user_id isolation remains the only active guard. When shared spaces start being used (clubs/teams/brand spaces with invites), the HTTP handlers will fetch the caller's membership from mana-auth and pass it to withUserAndMemberships. No migration needed at that point — the policy is already live. Subscription fan-out (WS/SSE broadcast to all space members) is still per-user; that's a follow-up tied to the membership lookup infra. Go build + existing tests pass. Plan: docs/plans/spaces-foundation.md Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| auth | ||
| backup | ||
| billing | ||
| config | ||
| store | ||
| sync | ||
| ws | ||