Skip to content

Commit 2acf876

Browse files
WcaleNieWolnyWcaleNieWolny
committed
fix: coderabbit
1 parent 7995d70 commit 2acf876

1 file changed

Lines changed: 5 additions & 0 deletions

File tree

supabase/migrations/20251228160000_get_org_members_apikey_support.sql

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,3 +27,8 @@ BEGIN
2727
END;
2828
$$;
2929

30+
-- Revoke public access to inner function to prevent bypassing authorization
31+
-- The inner function should only be called by the wrapper or service_role
32+
REVOKE ALL ON FUNCTION "public"."get_org_members" ("user_id" uuid, "guild_id" uuid) FROM "anon";
33+
REVOKE ALL ON FUNCTION "public"."get_org_members" ("user_id" uuid, "guild_id" uuid) FROM "authenticated";
34+

0 commit comments

Comments
 (0)