Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Permission denied for stored procedure that updates user's email address in auth.users

See original GitHub issue

I created a stored procedure (aka function) in the database that I hoped would allow the user’s email address to be updated from the supabase JS client. When I ran it, I was met with an error message: ‘permission denied for schema auth’

Here’s what my ‘CREATE FUNCTION’ query looks like:

CREATE FUNCTION updateauthemail (new_email text, auth_id text)
RETURNS text AS $updated_data$
	DECLARE
		updated_data text;
	BEGIN
		UPDATE auth.users set email = new_email where id = auth_id;
		RETURN updated_data;
END;
$updated_data$ LANGUAGE plpgsql;

Do I need to add something to the function when creating it, or pass a certain param through the JS client on my Node.js server? Here’s the function I’m calling through the JS client:

const { data: rpcData, error: rpcErr } = await supabase.rpc(
      "updateauthemail",
      {
        auth_id: authId,
        new_email: updatedData.email,
      }
    );

_Originally posted by @dayvista in https://github.com/supabase/supabase/discussions/573#discussioncomment-358474_

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:5 (2 by maintainers)

github_iconTop GitHub Comments

3reactions
dayvistacommented, Feb 11, 2021

Thanks for the tip, @steve-chavez That almost did it, but I had to compare my declared auth_id variable against id rather than auth.uid(), like so:

UPDATE auth.users set email = new_email where id = auth_id;

That enabled me to pass the id through Node.js like this:

const { data: rpcData, error: rpcErr } = await supabase.rpc(
      "update_auth_email",
      {
        auth_id: authId,
        new_email: updatedData.email,
      }
    );

… and it worked! Thanks a ton to both of you for pointing me in the right direction.

1reaction
steve-chavezcommented, Feb 11, 2021

@dayvista The auth.uid() = auth_id; part in the UPDATE looks wrong.

Shouldn’t that be:

UPDATE auth.users set email = new_email where id = auth.uid();
Read more comments on GitHub >

github_iconTop Results From Across the Web

Grant Permissions on a Stored Procedure - SQL Server
This article describes how to grant permissions on a stored procedure in SQL Server by using SQL Server Management Studio or Transact-SQL.
Read more >
EXECUTE permission denied on object - sql - Stack Overflow
First create an executor role and then grant exec permission to this role.Then make your user member of this role.
Read more >
SQL Server Execute Permission Denied - DBA Stack Exchange
I have a small app which calls a stored procedure over ODBC using a sysadmin user with login and password. The problem is...
Read more >
Grant Execute Or View Permission To Stored Procedures In ...
In this article we'll learn how we can grant execute permission or view permission on stored procedures. We'll also see why users require ......
Read more >
Understand the reasons behind permission denied errors ...
To start with one needs to dig deep into the stored procedure to understand the cause of the permission denied error creeping up...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Return values for supabase.rpc

Next page

Uncaught ReferenceError: process is not defined