M1ngdaXie/DocNest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

set up for deployment

Browse Source
This commit is contained in:
M1ngdaXie
2026-01-12 00:16:55 -08:00
parent 6b1ed8d11c
commit 819760662a
26 changed files with 568 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
backend/scripts/009_disable_postgrest.sql Normal file
View File

@@ -0,0 +1,16 @@
-- Migration: Revoke PostgREST access to public schema
-- This prevents Supabase's auto-generated REST API from exposing tables
-- Use this if you ONLY connect via your Go backend, not via Supabase client libraries
-- Revoke access from anon and authenticated roles (used by PostgREST)
REVOKE ALL ON ALL TABLES IN SCHEMA public FROM anon, authenticated;
REVOKE ALL ON ALL SEQUENCES IN SCHEMA public FROM anon, authenticated;
REVOKE ALL ON ALL FUNCTIONS IN SCHEMA public FROM anon, authenticated;
-- Grant access only to postgres role (your backend connection)
GRANT ALL ON ALL TABLES IN SCHEMA public TO postgres;
GRANT ALL ON ALL SEQUENCES IN SCHEMA public TO postgres;
GRANT ALL ON ALL FUNCTIONS IN SCHEMA public TO postgres;
-- Note: Run this AFTER all other migrations
-- If you need PostgREST access later, you can re-grant permissions selectively