Row-level security problems when creating a supabase's bucket

Question

everyone.

I'm new to Supabase and I'm exploring all the features available in this amazing platform. Unfortunately I'm having some troubles with bucket creation. I tried also create manually the bucket and then upload some file and I got the same error.

The error is: "new row violates row-level security policy for table "objects""

I would be really thankful if someone could help me.

Here is my code:

  const { data, error } = await supabase
  .storage
  .createBucket(`bucket-${user.id}`, { public: false })

  console.log(data, error);

Answer 1

I know it's pretty late but adding for future reader like myself.

Adding to what Mark said above. Supabase flows policy based protection for tables when you create a table it is generally disabled, but for bucket table it is enabled be default, I haven't tried to remove it as it's a good idea to have one, especially for assets like images.

What you should do is to define policy for you bucket same as shown in this video, it is from the CTO. He is doing for the tables he created, follow the same for storage.objects. Click on Policies from sidenav of storages page.

https://www.youtube.com/watch?v=qY_iQ10IUhs&ab_channel=Supabase

Never use service_role key on the UI side. It's the master key to your project.

Answer 2

See the policy permissions notes here:

https://supabase.io/docs/reference/javascript/storage-createbucket#notes

So it looks like you'll need insert permission set.

Answer 3

Your must create client with the SERVICE_KEY not the SUPABASE_KEY

You can find the SERVICE_KEY on :

Setings > (project setings) API > service_role secret click on reveal and copy the key

This key has the ability to bypass Row Level Security. Never share it publicly.