Conversation

kangmingtay
Member

@kangmingtay kangmingtay commented Apr 3, 2024

What kind of change does this PR introduce?

  • adds a lint to check if there are any policies that allow access to anonymous users

What is the current behavior?

  • currently, if a user enables anonymous sign-ins for their project, they need to manually check existing RLS policies to see if any of them are compromised.

What is the new behavior?

  • this lint will highlight any policies that:
    • are associated with the authenticated, public, or any other role members
    • don't contain the auth.jwt()->>'is_anonymous' expression in the policy definition

Additional context

Add any other context or screenshots.
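As an added illustration of the check this lint performs (not the PR's own splinter SQL), the query below lists RLS policies that would still apply to anonymous sign-in users: policies granted to authenticated or public whose USING / WITH CHECK predicates never consult the is_anonymous JWT claim. It assumes a Supabase-style database where the authenticated role exists and claims are read through auth.jwt(); the notes table and its two policies are constructed sample input.

```sql
-- Constructed sample schema (drop it afterwards): one policy that ignores
-- anonymity and one that explicitly excludes anonymous users.
create table public.notes (id bigint primary key, owner_id uuid, body text);
alter table public.notes enable row level security;

-- Reachable by anonymous users: granted to authenticated, never checks the claim.
create policy notes_read_all on public.notes
  for select to authenticated
  using (true);

-- Excludes anonymous users: the predicate consults auth.jwt()->>'is_anonymous'.
create policy notes_insert_verified on public.notes
  for insert to authenticated
  with check (coalesce((auth.jwt() ->> 'is_anonymous')::boolean, false) = false);

-- The lint itself. pg_policies.qual / with_check hold the deparsed predicate text,
-- which Postgres re-renders with spaces and casts, so match on the claim name
-- rather than on the exact "auth.jwt()->>'is_anonymous'" spelling.
select
  p.schemaname,
  p.tablename,
  p.policyname,
  p.cmd,
  p.roles
from pg_policies p
where p.schemaname not in ('pg_catalog', 'information_schema')
  -- "public" in pg_policies.roles means the policy applies to every role,
  -- which includes the role an anonymous session runs as.
  and p.roles && array['authenticated', 'public']::name[]
  and coalesce(p.qual, '') not like '%is_anonymous%'
  and coalesce(p.with_check, '') not like '%is_anonymous%'
order by p.schemaname, p.tablename, p.policyname;
```

On the constructed schema only notes_read_all is reported; a reviewer enabling anonymous sign-ins would then decide per policy whether to add an is_anonymous predicate or restrict the policy to a narrower role.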

@kangmingtay kangmingtay force-pushed the km/add-lint-for-anonymous-users branch from 92fd399 to 172f6f2 April 3, 2024 08:11
@kangmingtay kangmingtay force-pushed the km/add-lint-for-anonymous-users branch from f20e755 to 32a0738 April 3, 2024 08:26
@olirice olirice self-requested a review April 3, 2024 13:09
Collaborator

@olirice olirice left a comment

Is there a way to check if a user has enabled anonymous logins from within the database? Currently this lint will fire on almost every project and only a small fraction are likely to enable anonymous logins in the short term.

@kangmingtay kangmingtay requested a review from olirice April 4, 2024 07:08
Collaborator

@olirice olirice left a comment

Before we can merge this we need to get the FE integration updated to not run all lints by default.

Terry is back tomorrow and I'll discuss it with him then but this might get pushed out til the week after LW as everyone is starting to get crunched

'INFO' as level,
'EXTERNAL' as facing,
'Detects row level security (RLS) policies that allow access to anonymous users.' as description,
'https://supabase.github.io/splinter/0012_auth_allow_anonymous_sign_ins' as remediation,
Contributor

Could you change this to a main docs site link please? Following the pattern here: https://supabase.com/docs/guides/database/database-advisors

@kangmingtay
Member Author

blocked on deciding how we can run lints conditionally on the platform - currently, there's no way to conditionally execute a lint from the splinter.sql file

@MostafaGoodsh MostafaGoodsh left a comment

Cool
