Developer ditches Supabase RLS policies after role inheritance triggers infinite recursion loop
A developer encountered an infinite recursion error in PostgreSQL's Row Level Security system after adding a new agent_readonly role to an authenticated membership in April 2026. The error, caught via Sentry, stemmed not from a faulty policy but from how Postgres evaluates all permissive policies tied to the authenticated role, which the new role inherited. Because a policy on the cours table queried the user_roles table, and user_roles itself had policies under the same authenticated scope, adding the new role closed a recursive loop. Attempted fixes including SECURITY DEFINER functions and role isolation proved either fragile or unsustainable at scale. The developer ultimately abandoned RLS policies in favor of a JWT custom claims hook to manage authorization outside the recursive policy evaluation chain.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in