System updates#
All projects#
New projects#
- PostgreSQL updated to v14.1
Manual Changes Required#
Update custom auth functions#
Details#
The PostgREST release notes document some changes to the way GUC variables are handled here.
Supabase has created a config flag in the Dashboard to ensure that this will not be a breaking change. These changes are required before you can upgrade to PostgreSQL 14+, or use Realtime RLS.
Supabase has already updated all the default auth functions (auth.uid(), auth.role() and auth.email()), however we have no way of updating functions which we have not written ourselves.
Affected#
- Any project that have custom
authfunctions or generally any function that use legacy GUC naming convention to access JWT claims (egcurrent_setting('request.jwt.claims.XXX', true).- This change is required for PostgreSQL 14+.
- This change is required for Realtime row level security
Unaffected#
- New projects
- Existing projects who haven't written custom
authfunctions.
How to update#
You need to update all functions that are using the legacy GUC naming convention (current_setting('request.jwt.claims.XXX', true)) to use the new convention (current_setting('request.jwt.claims', true)::json->>'XXX').
After you have made this change, you can safely
Example#
For example, Supabase rewrote the auth.role() functions like this, to handle both legacy and new:
_19-- PREVIOUSLY_19create or replace function auth.role() _19returns text _19language sql stable_19as $$_19 select current_setting('request.jwt.claim.role', true)::text;_19$$;_19_19-- UPDATED FUNCTION TO HANDLE NEW GUC NAMING SCHEME_19create or replace function auth.role() _19returns text _19language sql stable_19as $$_19 select _19 \tcoalesce(_19 \t\tcurrent_setting('request.jwt.claim.role', true),_19\t\t(current_setting('request.jwt.claims', true)::jsonb ->> 'role')_19\t)::text_19$$;