mirror of
https://github.com/kou029w/_.git
synced 2025-01-31 06:18:07 +00:00
51 lines
2.6 KiB
SQL
51 lines
2.6 KiB
SQL
-- (c) 2021 Supabase Inc.
|
|
-- license: https://github.com/supabase/supabase/blob/master/LICENSE
|
|
-- https://github.com/supabase/supabase/blob/30b9f748fe163420375244fa350e14bcfa235a3f/docker/volumes/db/init/00-initial-schema.sql
|
|
|
|
-- Set up reatime
|
|
-- create publication supabase_realtime; -- defaults to empty publication
|
|
create publication supabase_realtime;
|
|
|
|
-- Supabase super admin
|
|
create user supabase_admin;
|
|
alter user supabase_admin with superuser createdb createrole replication bypassrls;
|
|
|
|
-- Extension namespacing
|
|
create SCHEMA IF NOT exists extensions;
|
|
create extension if not exists "uuid-ossp" with schema extensions;
|
|
create extension if not exists pgcrypto with schema extensions;
|
|
create extension if not exists pgjwt with schema extensions;
|
|
|
|
-- Set up auth roles for the developer
|
|
create role anon nologin noinherit;
|
|
create role authenticated nologin noinherit; -- "logged in" user: web_user, app_user, etc
|
|
create role service_role nologin noinherit bypassrls; -- allow developers to create JWT's that bypass their policies
|
|
|
|
create user authenticator noinherit;
|
|
grant anon to authenticator;
|
|
grant authenticated to authenticator;
|
|
grant service_role to authenticator;
|
|
grant supabase_admin to authenticator;
|
|
|
|
grant usage on schema public to postgres, anon, authenticated, service_role;
|
|
alter default privileges in schema public grant all on tables to postgres, anon, authenticated, service_role;
|
|
alter default privileges in schema public grant all on functions to postgres, anon, authenticated, service_role;
|
|
alter default privileges in schema public grant all on sequences to postgres, anon, authenticated, service_role;
|
|
|
|
-- Allow Extensions to be used in the API
|
|
grant usage on schema extensions to postgres, anon, authenticated, service_role;
|
|
|
|
-- Set up namespacing
|
|
alter user supabase_admin SET search_path TO public, extensions; -- don't include the "auth" schema
|
|
|
|
-- These are required so that the users receive grants whenever "supabase_admin" creates tables/function
|
|
alter default privileges for user supabase_admin in schema public grant all
|
|
on sequences to postgres, anon, authenticated, service_role;
|
|
alter default privileges for user supabase_admin in schema public grant all
|
|
on tables to postgres, anon, authenticated, service_role;
|
|
alter default privileges for user supabase_admin in schema public grant all
|
|
on functions to postgres, anon, authenticated, service_role;
|
|
|
|
-- Set short statement/query timeouts for API roles
|
|
alter role anon set statement_timeout = '3s';
|
|
alter role authenticated set statement_timeout = '8s';
|