Enforce RLS when user opted in to MFA. (#188)

* Allow Super Admin to view tables using RLS * Replace previous usages of the Admin client using the authed client using the new RLS * Enforce MFA for Super Admin users * Enforce RLS when user opted in to MFA. * Add Super Admin Access Policies and Update Database Types * Consolidate super admin logic into a single function that uses the RPC is_super_admin * Added Super Admin E2E tests * Fixes and improvements * Bump version to 2.5.0
2025-03-02 10:21:01 +07:00
parent 9cf7bf0aac
commit 131b1061e6
61 changed files with 2193 additions and 302 deletions
--- a/apps/web/supabase/tests/database/memberships.test.sql
+++ b/apps/web/supabase/tests/database/memberships.test.sql
@@ -11,7 +11,7 @@ select makerkit.set_identifier('custom', 'custom@makerkit.dev');
 -- another user not in the team
 select tests.create_supabase_user('test', 'test@supabase.com');

-select tests.authenticate_as('owner');
+select makerkit.authenticate_as('owner');

 -- Can check if an account is a team member

@@ -25,7 +25,7 @@ select is(
  'The primary account owner can check if a member is a team member'
 );

-select tests.authenticate_as('member');
+select makerkit.authenticate_as('member');

 -- Member
 select is(
@@ -50,7 +50,7 @@ select isnt_empty(
  'The member can query the team account memberships using the get_account_members function'
 );

-select tests.authenticate_as('test');
+select makerkit.authenticate_as('test');

 -- Foreigners
 -- Cannot query the team account memberships