diff --git a/migrations/db/migrations/20231020085357_revoke_writes_on_cron_job_from_postgres.sql b/migrations/db/migrations/20231020085357_revoke_writes_on_cron_job_from_postgres.sql index 25b827110..4aea5d10c 100644 --- a/migrations/db/migrations/20231020085357_revoke_writes_on_cron_job_from_postgres.sql +++ b/migrations/db/migrations/20231020085357_revoke_writes_on_cron_job_from_postgres.sql @@ -40,6 +40,7 @@ END; $$; drop event trigger if exists issue_pg_cron_access; +alter function extensions.grant_pg_cron_access owner to supabase_admin; CREATE EVENT TRIGGER issue_pg_cron_access ON ddl_command_end WHEN TAG IN ('CREATE EXTENSION') EXECUTE FUNCTION extensions.grant_pg_cron_access(); diff --git a/migrations/db/migrations/20250402065937_alter_internal_event_triggers_owner_to_supabase_admin.sql b/migrations/db/migrations/20250402065937_alter_internal_event_triggers_owner_to_supabase_admin.sql new file mode 100644 index 000000000..9308f07d4 --- /dev/null +++ b/migrations/db/migrations/20250402065937_alter_internal_event_triggers_owner_to_supabase_admin.sql @@ -0,0 +1,10 @@ +-- migrate:up +drop event trigger if exists issue_pg_net_access; + +alter function extensions.grant_pg_net_access owner to supabase_admin; + +CREATE EVENT TRIGGER issue_pg_net_access ON ddl_command_end + WHEN TAG IN ('CREATE EXTENSION') + EXECUTE FUNCTION extensions.grant_pg_net_access(); + +-- migrate:down diff --git a/nix/ext/supautils.nix b/nix/ext/supautils.nix index f3f5f1482..40973a1af 100644 --- a/nix/ext/supautils.nix +++ b/nix/ext/supautils.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "supautils"; - version = "2.6.0"; + version = "2.9.1"; buildInputs = [ postgresql ]; @@ -10,13 +10,13 @@ stdenv.mkDerivation rec { owner = "supabase"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-QNfUpQjqHNzbNqBvjb5a3GtNH9hjbBMDUK19xUU3LpI="; + hash = "sha256-Rw7dmIUg9bJ7SuiHxCsZtnVhdG9hg4WlptiB/MxVmPc="; }; installPhase = '' mkdir -p $out/lib - install -D *${postgresql.dlSuffix} -t $out/lib + install -D build/*${postgresql.dlSuffix} -t $out/lib ''; meta = with lib; { diff --git a/nix/tests/expected/evtrigs.out b/nix/tests/expected/evtrigs.out index 7f8025834..3e3f523fc 100644 --- a/nix/tests/expected/evtrigs.out +++ b/nix/tests/expected/evtrigs.out @@ -12,14 +12,14 @@ join pg_namespace n_func where p.prorettype = 'event_trigger'::regtype; evtname | evtowner | evtfunction_schema | evtfunction | function_owner ----------------------------------------+----------------+--------------------+------------------------------------+---------------- - issue_pg_net_access | postgres | extensions | grant_pg_net_access | postgres issue_pg_graphql_access | supabase_admin | extensions | grant_pg_graphql_access | supabase_admin issue_graphql_placeholder | supabase_admin | extensions | set_graphql_placeholder | supabase_admin pgrst_ddl_watch | supabase_admin | extensions | pgrst_ddl_watch | supabase_admin pgrst_drop_watch | supabase_admin | extensions | pgrst_drop_watch | supabase_admin graphql_watch_ddl | supabase_admin | graphql | graphql.increment_schema_version | supabase_admin graphql_watch_drop | supabase_admin | graphql | graphql.increment_schema_version | supabase_admin - issue_pg_cron_access | supabase_admin | extensions | grant_pg_cron_access | postgres + issue_pg_cron_access | supabase_admin | extensions | grant_pg_cron_access | supabase_admin + issue_pg_net_access | supabase_admin | extensions | grant_pg_net_access | supabase_admin pg_tle_event_trigger_for_drop_function | supabase_admin | pgtle | pgtle.pg_tle_feature_info_sql_drop | supabase_admin pgaudit_ddl_command_end | supabase_admin | public | pgaudit_ddl_command_end | supabase_admin pgaudit_sql_drop | supabase_admin | public | pgaudit_sql_drop | supabase_admin