admtracksteel/RDO
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: SQL simplificado que verifica tabelas existentes antes de aplicar RLS

Browse Source
This commit is contained in:
Reifonas
2026-02-24 07:26:00 -03:00
parent c533bd8c10
commit f053d5e60b
2 changed files with 222 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

182
fix_rls_simples.sql Normal file
View File

@@ -0,0 +1,182 @@
-- ============================================================================
-- CORREÇÃO SIMPLES - ERRO 401 NO LOGIN
-- ============================================================================
-- Este script corrige apenas as tabelas que existem
-- Execute no SQL Editor do Supabase
-- ============================================================================
-- 1. VERIFICAR E CORRIGIR APENAS TABELA USUARIOS
-- ============================================================================
-- Desabilitar RLS temporariamente
ALTER TABLE IF EXISTS public.usuarios DISABLE ROW LEVEL SECURITY;
-- Limpar políticas antigas
DO $$
BEGIN
-- Dropar todas as políticas da tabela usuarios se existir
IF EXISTS (SELECT 1 FROM information_schema.tables WHERE table_schema = 'public' AND table_name = 'usuarios') THEN
DROP POLICY IF EXISTS "Users can view own profile" ON public.usuarios;
DROP POLICY IF EXISTS "Users can update own profile" ON public.usuarios;
DROP POLICY IF EXISTS "Admins can view all profiles" ON public.usuarios;
DROP POLICY IF EXISTS "Dev can do everything" ON public.usuarios;
DROP POLICY IF EXISTS "Users can create own profile" ON public.usuarios;
DROP POLICY IF EXISTS "Permitir leitura do próprio perfil" ON public.usuarios;
DROP POLICY IF EXISTS "Dev e Admins veem todos usuarios" ON public.usuarios;
DROP POLICY IF EXISTS "Super Admin Total" ON public.usuarios;
DROP POLICY IF EXISTS "Atualizar proprio perfil" ON public.usuarios;
DROP POLICY IF EXISTS "Admins podem criar usuários" ON public.usuarios;
DROP POLICY IF EXISTS "Usuários podem atualizar próprio perfil" ON public.usuarios;
DROP POLICY IF EXISTS "Usuários veem membros da organização" ON public.usuarios;
DROP POLICY IF EXISTS "authenticated_all_access" ON public.usuarios;
END IF;
END $$;
-- Reabilitar RLS
ALTER TABLE IF EXISTS public.usuarios ENABLE ROW LEVEL SECURITY;
-- Criar política super permissiva
CREATE POLICY "authenticated_full_access" ON public.usuarios
FOR ALL
USING (auth.uid() IS NOT NULL)
WITH CHECK (auth.uid() IS NOT NULL);
-- 2. VERIFICAR E CORRIGIR TABELA ORGANIZACOES (SE EXISTIR)
-- ============================================================================
DO $$
BEGIN
IF EXISTS (SELECT 1 FROM information_schema.tables WHERE table_schema = 'public' AND table_name = 'organizacoes') THEN
ALTER TABLE public.organizacoes DISABLE ROW LEVEL SECURITY;
DROP POLICY IF EXISTS "Users view own org" ON public.organizacoes;
DROP POLICY IF EXISTS "Dev view all orgs" ON public.organizacoes;
DROP POLICY IF EXISTS "Dev manage orgs" ON public.organizacoes;
DROP POLICY IF EXISTS "Users can view orgs during signup" ON public.organizacoes;
DROP POLICY IF EXISTS "Users can create org" ON public.organizacoes;
DROP POLICY IF EXISTS "Usuários veem suas organizações" ON public.organizacoes;
DROP POLICY IF EXISTS "Owners podem atualizar organização" ON public.organizacoes;
DROP POLICY IF EXISTS "Usuários autenticados podem criar organização" ON public.organizacoes;
DROP POLICY IF EXISTS "authenticated_all_access" ON public.organizacoes;
ALTER TABLE public.organizacoes ENABLE ROW LEVEL SECURITY;
CREATE POLICY "authenticated_full_access" ON public.organizacoes
FOR ALL
USING (auth.uid() IS NOT NULL)
WITH CHECK (auth.uid() IS NOT NULL);
END IF;
END $$;
-- 3. VERIFICAR E CORRIGIR TABELA ORGANIZACAO_USUARIOS (SE EXISTIR)
-- ============================================================================
DO $$
BEGIN
IF EXISTS (SELECT 1 FROM information_schema.tables WHERE table_schema = 'public' AND table_name = 'organizacao_usuarios') THEN
ALTER TABLE public.organizacao_usuarios DISABLE ROW LEVEL SECURITY;
DROP POLICY IF EXISTS "Users can create org membership" ON public.organizacao_usuarios;
DROP POLICY IF EXISTS "Ver membros da organização" ON public.organizacao_usuarios;
DROP POLICY IF EXISTS "Admins gerenciam membros" ON public.organizacao_usuarios;
DROP POLICY IF EXISTS "authenticated_all_access" ON public.organizacao_usuarios;
ALTER TABLE public.organizacao_usuarios ENABLE ROW LEVEL SECURITY;
CREATE POLICY "authenticated_full_access" ON public.organizacao_usuarios
FOR ALL
USING (auth.uid() IS NOT NULL)
WITH CHECK (auth.uid() IS NOT NULL);
END IF;
END $$;
-- 4. GARANTIR PERMISSÕES PARA AUTHENTICATED ROLE
-- ============================================================================
GRANT USAGE ON SCHEMA public TO authenticated, anon;
GRANT ALL ON ALL TABLES IN SCHEMA public TO authenticated;
GRANT ALL ON ALL SEQUENCES IN SCHEMA public TO authenticated;
GRANT ALL ON ALL FUNCTIONS IN SCHEMA public TO authenticated;
-- 5. CORRIGIR FUNÇÃO DE CRIAÇÃO DE USUÁRIO
-- ============================================================================
CREATE OR REPLACE FUNCTION public.handle_new_user()
RETURNS TRIGGER
SECURITY DEFINER
SET search_path = public
AS $$
DECLARE
user_name TEXT;
BEGIN
-- Extrair nome do usuário
user_name := COALESCE(
NEW.raw_user_meta_data->>'nome',
NEW.raw_user_meta_data->>'name',
NEW.raw_user_meta_data->>'full_name',
NEW.raw_user_meta_data->>'display_name',
split_part(NEW.email, '@', 1)
);
-- Inserir ou atualizar usuário
INSERT INTO public.usuarios (
id,
email,
nome,
role,
ativo
) VALUES (
NEW.id,
NEW.email,
user_name,
'usuario',
true
)
ON CONFLICT (id) DO UPDATE SET
email = EXCLUDED.email,
nome = COALESCE(EXCLUDED.nome, public.usuarios.nome),
updated_at = NOW();
RETURN NEW;
EXCEPTION
WHEN OTHERS THEN
RAISE WARNING 'Erro ao criar usuário: %', SQLERRM;
RETURN NEW;
END;
$$ LANGUAGE plpgsql;
-- 6. GARANTIR QUE O TRIGGER ESTÁ ATIVO
-- ============================================================================
DROP TRIGGER IF EXISTS on_auth_user_created ON auth.users;
CREATE TRIGGER on_auth_user_created
AFTER INSERT ON auth.users
FOR EACH ROW
EXECUTE FUNCTION public.handle_new_user();
-- 7. VERIFICAÇÃO FINAL
-- ============================================================================
-- Listar tabelas existentes
SELECT 'Tabelas no schema public:' as info;
SELECT table_name FROM information_schema.tables
WHERE table_schema = 'public'
ORDER BY table_name;
-- Listar políticas criadas
SELECT 'Políticas RLS criadas:' as info;
SELECT tablename, policyname, cmd
FROM pg_policies
WHERE schemaname = 'public'
ORDER BY tablename;
-- Teste de acesso
SELECT 'Teste de contagem:' as info;
SELECT COUNT(*) as total_usuarios FROM public.usuarios;
-- ============================================================================
-- SUCESSO!
-- ============================================================================
-- Agora tente fazer login novamente no app
-- ============================================================================

40
verificar_tabelas.sql Normal file
View File

@@ -0,0 +1,40 @@
-- ============================================================================
-- VERIFICAR ESTRUTURA DO BANCO
-- ============================================================================
-- 1. Listar todas as tabelas no schema public
SELECT
table_name,
table_type
FROM information_schema.tables
WHERE table_schema = 'public'
ORDER BY table_name;
-- 2. Verificar se as tabelas críticas existem
SELECT
CASE
WHEN EXISTS (SELECT 1 FROM information_schema.tables WHERE table_schema = 'public' AND table_name = 'usuarios')
THEN '✅ usuarios existe'
ELSE '❌ usuarios NÃO existe'
END as usuarios_status,
CASE
WHEN EXISTS (SELECT 1 FROM information_schema.tables WHERE table_schema = 'public' AND table_name = 'organizacoes')
THEN '✅ organizacoes existe'
ELSE '❌ organizacoes NÃO existe'
END as organizacoes_status,
CASE
WHEN EXISTS (SELECT 1 FROM information_schema.tables WHERE table_schema = 'public' AND table_name = 'organizacao_usuarios')
THEN '✅ organizacao_usuarios existe'
ELSE '❌ organizacao_usuarios NÃO existe'
END as organizacao_usuarios_status;
-- 3. Verificar políticas RLS nas tabelas que existem
SELECT
schemaname,
tablename,
policyname,
permissive,
cmd
FROM pg_policies
WHERE schemaname = 'public'
ORDER BY tablename, policyname;