Lovable database

RLS Allows SELECT But Blocks INSERT/UPDATE

Users can read data from table but cannot insert or update. 'permission denied' error on insert/update despite having select access. RLS policies inconsistently applied across operations.

Each database operation (SELECT, INSERT, UPDATE, DELETE) needs its own RLS policy. Common mistake is creating only SELECT policy and assuming others inherit.

Error Messages You Might See

permission denied for table insert or update on table violates policy Violation of row-level security policy

permission denied for table insert or update on table violates policy Violation of row-level security policy

Common Causes

INSERT policy doesn't exist or uses wrong auth check
WITH CHECK clause missing from INSERT policy
UPDATE policy missing or references wrong columns
Policy targets wrong role (anon vs authenticated)
Multiple conflicting policies with AND logic

How to Fix It

Create separate policies for each operation:

-- SELECT policy
CREATE POLICY "Read own data" ON users
FOR SELECT USING (auth.uid() = id);

-- INSERT policy  
CREATE POLICY "Create own user" ON users
FOR INSERT WITH CHECK (auth.uid() = id);

-- UPDATE policy
CREATE POLICY "Update own data" ON users
FOR UPDATE USING (auth.uid() = id)
WITH CHECK (auth.uid() = id);

Real developers can help you.

Prakash Prajapati

Prakash Prajapati I’m a Senior Python Developer specializing in building secure, scalable, and highly available systems. I work primarily with Python, Django, FastAPI, Docker, PostgreSQL, and modern AI tooling such as PydanticAI, focusing on clean architecture, strong design principles, and reliable DevOps practices. I enjoy solving complex engineering problems and designing systems that are maintainable, resilient, and built to scale.

Dor Yaloz

Dor Yaloz SW engineer with 6+ years of experience, I worked with React/Node/Python did projects with React+Capacitor.js for ios Supabase expert

PawelPloszaj

PawelPloszaj I'm fronted developer with 10+ years of experience with big projects. I have small backend background too

Tejas Chokhawala

Tejas Chokhawala Full-stack engineer with 5 years experience building production web apps using React, Next.js and TypeScript. Focused on performance, clean architecture and shipping fast. Experienced with Supabase/Postgres backends, Stripe billing, and building AI-assisted developer tools.

Franck Plazanet

Franck Plazanet I am a Strategic Engineering Leader with over 8 years of experience building high-availability enterprise systems and scaling high-performing technical teams. My focus is on bridging the gap between complex technology and business growth. Core Expertise: 🚀 Leadership: Managing and coaching teams of 15+ engineers, fostering a culture of accountability and continuous improvement. 🏗️ Architecture: Enterprise Core Systems, Multi-system Integration (ERP/API/ETL), and Core Database Structure. ☁️ Cloud & Scale: AWS Expert; architected systems handling 10B+ monthly requests and managing 100k+ SKUs. 📈 Business Impact: Aligning tech strategy with P&L goals to drive $70k+ in monthly recurring revenue. I thrive on "out-of-the-box" thinking to solve complex technical bottlenecks and am always looking for ways to use automation to improve business productivity.

Milan Surelia

Milan Surelia Milan Surelia is a Mobile App Developer with 5+ years of experience crafting scalable, cross-platform apps at 7Span and Meticha. At 7Span, he engineers feature-rich Flutter apps with smooth performance and modern UI. As the Co-Founder of Meticha, he builds open-source tools and developer-focused products that solve real-world problems. Expertise: 💡 Developing cross-platform apps using Flutter, Dart, and Jetpack Compose for Android, iOS, and Web. 🖋️ Sharing insights through technical writing, blogging, and open-source contributions. 🤝 Collaborating closely with designers, PMs, and developers to build seamless mobile experiences. Notable Achievements: 🎯 Revamped the Vepaar app into Vepaar Store & CRM with a 2x performance boost and smoother UX. 🚀 Launched Compose101 — a Jetpack Compose starter kit to speed up Android development. 🌟 Open source contributions on Github & StackOverflow for Flutter & Dart 🎖️ Worked on improving app performance and user experience with smart solutions. Milan is always happy to connect, work on new ideas, and explore the latest in technology.

Sage Fulcher

Sage Fulcher Hey I'm Sage! Im a Boston area software engineer who grew up in South Florida. Ive worked at a ton of cool places like a telehealth kidney care startup that took part in a billion dollar merger (Cricket health/Interwell health), a boutique design agency where I got to work on a ton of exciting startups including a photography education app, a collegiate Esports league and more (Philosophie), a data analytics as a service startup in Cambridge (MA) as well as at Phillips and MIT Lincoln Lab where I designed and developed novel network security visualizations and analytics. I've been writing code and furiously devoted to using computers to make people’s lives easier for about 17 years. My degree is in making computers make pretty lights and sounds. Outside of work I love hip hop, the Celtics, professional wrestling, magic the gathering, photography, drumming, and guitars (both making and playing them)

MFox

MFox Full-stack professional senior engineer (15+years). Extensive experience in software development, qa, and IP networking.

Vlad Temian

Vlad Temian 15+ years shipping production infrastructure for startups. Former CTO at qed.builders (acquired by The Sandbox). Cursor ambassador and agentic tooling builder. I've scaled systems, automated deployments, and built observability tools for AI coding workflows. I specialize in taking vibe-coded apps from broken prototype to production-ready: fixing Supabase auth/RLS, Stripe integrations, deployment pipelines, and cleaning up AI-generated spaghetti. I build tools in this space (agentprobe, claudebin, micode) and understand both sides: how AI generates code and why it breaks. https://blog.vtemian.com/

Matthew Jordan

Matthew Jordan I've been working at a large software company named Kainos for 2 years, and mainly specialise in Platform Engineering. I regularly enjoy working on software products outside of work, and I'm a huge fan of game development using Unity. I personally enjoy Python & C# in my spare time, but I also specialise in multiple different platform-related technologies from my day job.

You don't need to be technical. Just describe what's wrong and a verified developer will handle the rest.

Get Help

Frequently Asked Questions

What's the difference between USING and WITH CHECK?

USING: checks rows before operation (for SELECT/UPDATE/DELETE). WITH CHECK: validates new row data (for INSERT/UPDATE).

Do I need separate policy per operation?

Yes, each operation (SELECT, INSERT, UPDATE, DELETE) needs its own FOR clause and policy.

Related Lovable Issues

Can't fix it yourself?
Real developers can help.

You don't need to be technical. Just describe what's wrong and a verified developer will handle the rest.

Get Help