sensitive-blue
sensitive-blue17mo ago

Supabase Set role upon signup or signInWithOAuth

Hi again everyone, How to set claim for role in Supabase when user signup with email and password or signInWithOAuth in refine app I'm trying to integrate role base access thank you in advance.
4 Replies
kapa.ai
kapa.ai17mo ago
Hey @franzdev! I'm the kapa.ai support bot. I've searched through the docs to try to answer your question. :wave: ---------------------- To set a claim for a role in Supabase when a user signs up with email and password or signInWithOAuth in a refine app, you can follow these steps: 1. Set up Supabase Custom Claims as described in the refine blog post (https://refine.dev/blog/refine-pixels-6/). This will allow you to store and retrieve user roles in the auth.users.raw_app_meta_data field. 2. Bootstrap a claims_admin role for a first user using the Supabase SQL Editor, as mentioned in the blog post (https://refine.dev/blog/refine-pixels-6/). This will allow the user with the claims_admin role to set roles for other users. 3. After setting up the Custom Claims and bootstrapping the claims_admin role, you can set roles for your designated users using the Supabase SQL Editor. For example: 
select set_claim('designated-user-uuid', 'role', '"editor"');  
select set_claim('another-designated-user-uuid', 'role', '"admin"');  
select set_claim('designated-user-uuid', 'role', '"editor"');  
select set_claim('another-designated-user-uuid', 'role', '"admin"');
4. Update the getPermissions() method in your authProvider.ts file to use the supabaseClient.rpc() method to call the get_my_claims SQL function remotely, as shown in the refine blog post (https://refine.dev/blog/refine-pixels-6/): 
getPermissions: async () => {  
 const user = supabaseClient.auth.user();  
  
 if (!user) {  
 return Promise.reject();  
 }  
  
 const { data } = await supabaseClient.rpc('get_my_claim', { claim: 'role' });  
 return Promise.resolve(data);  
},  
getPermissions: async () => {  
 const user = supabaseClient.auth.user();  
  
 if (!user) {  
 return Promise.reject();  
 }  
  
 const { data } = await supabaseClient.rpc('get_my_claim', { claim: 'role' });  
 return Promise.resolve(data);  
},
5. Finally, update the can method in your accessControlProvider.ts file to use the role received from authProvider.getPermissions(): 
export const accessControlProvider = {  
 can: async ({ resource, action }: CanParams): Promise<CanReturnType> => {  
 const role = await authProvider.getPermissions();  
  
 const enforcer = await newEnforcer(model, adapter);  
 const can = await enforcer.enforce(role, resource, action);  
  
 return Promise.resolve({  
 can,  
 });  
 }  
};  
export const accessControlProvider = {  
 can: async ({ resource, action }: CanParams): Promise<CanReturnType> => {  
 const role = await authProvider.getPermissions();  
  
 const enforcer = await newEnforcer(model, adapter);  
 const can = await enforcer.enforce(role, resource, action);  
  
 return Promise.resolve({  
 can,  
 });  
 }  
};
By following these steps, you should be able to set and retrieve user roles in your refine app when users sign up or sign in with OAuth. ----------------------
kapa.ai
kapa.ai17mo ago
<@619660544319684609> kapa.ai is still learning and improving, please let us how it did by reacting below
deep-jade
deep-jade17mo ago
refine has access control provider for role based access. currently we don't have example with supabase but you can call authProvider?.getIdentity on accessControlProvider.can function to implement with supabase https://refine.dev/docs/advanced-tutorials/access-control/#adding-accesscontrolprovider
dependent-tan
dependent-tan14mo ago
wow this worked for me, i created my own custom ABAC and I needed to access the authprovider.getPermissions method so I wrapped it inside a function and which returned the shape as request by the access control provider
More Posts
Resource in useCustomMutation successNotification parameterHow do I access or pass a resource name into useCustomMutation? I use this hook to have a reorderingUse more than one Supabase Table on one PageHey lovely Refine Team, I cant find how to use Data of two Supabase Tables on one Page.how to adding custom type in option(queryOptions) select useCustom ?my use case is to overrides data from api via select options(queryOptions) but i dont know how to aTSconfig errorHey Everyone - I was wondering if anyone else was running into these errors as they were starting a I can't connect my client id as it is asking for a string instead of client_id: process.env.REACT_API can't connect my client id as it is asking for a string instead of client_id: process.env.REACT_API'm trying to create a projectHello everyone, I'm trying to create a project but it only comes with the header, how do I get the sError after upgrade to v4: Uncaught Error: No QueryClient set, use QueryClientProvider to set oneHello everything is fine? by the stack trace the error is in the method: useIsAuthenticated, I am usMultitenant URLsHi all! Anyone have more info on how to provide props to the nextjs-router in v4? We are multitenanUsing response data in errorNotification useFormHello, My REST API sends a JSON with explanation of what's wrong with the response when request failImplement Google Maps in a FormHello everyone, I am having trouble implementing google maps in a form where the user should fill so