lywsvip/supabase
1
0
Fork 0
mirror of https://github.com/supabase/supabase.git synced 2026-05-18 02:44:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
create-pull-request/patch
supabase/apps/docs/content/guides/storage/management/copy-move-objects.mdx
Pedro Rodrigues f7d2160e0c fix: correct RLS permissions for storage move and copy operations (#42777) 
### Summary

- The `move` operation requires `select` + `update` permissions (not
`select` + `insert` as previously documented). The implementation was
changed in
[supabase/storage#400](https://github.com/supabase/storage/pull/400) to
update the row in-place instead of deleting and reinserting, but the
docs were never updated to reflect this.
- The `copy` operation requires `select` + `insert` by default. When the
user also has `update` permission, the copy can be performed as an
upsert, overwriting the destination if it already exists.
- Added an `update` policy example alongside the existing `select` and
`insert` examples.

### Related

Fixes https://github.com/supabase/storage/issues/807


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Documentation**
* Enhanced guidance for storage copy operations with clarified
permissions requirements on source and destination.
  * Added upsert option details for users with update permissions.
* Clarified move operation requirements for select and update
permissions.
* Updated policy examples with explicit operation names and owner
authentication checks.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-13 14:52:10 +00:00

108 lines
3.2 KiB
Plaintext
Raw Permalink Blame History

---
id: 'storage-management'
title: 'Copy Objects'
description: 'Learn how to copy and move objects'
subtitle: 'Learn how to copy and move objects'
sidebar_label: 'Copy / Move Objects'
---
## Copy objects
You can copy objects between buckets or within the same bucket. Currently only objects up to 5 GB can be copied using the API.
When making a copy of an object, the owner of the new object will be the user who initiated the copy operation.
### Copying objects within the same bucket
To copy an object within the same bucket, use the `copy` method.
```javascript
import { createClient } from '@supabase/supabase-js'
const supabase = createClient('your_project_url', 'your_supabase_api_key')
// ---cut---
await supabase.storage.from('avatars').copy('public/avatar1.png', 'private/avatar2.png')
```
### Copying objects across buckets
To copy an object across buckets, use the `copy` method and specify the destination bucket.
```javascript
import { createClient } from '@supabase/supabase-js'
const supabase = createClient('your_project_url', 'your_supabase_api_key')
// ---cut---
await supabase.storage.from('avatars').copy('public/avatar1.png', 'private/avatar2.png', {
destinationBucket: 'avatars2',
})
```
## Move objects
You can move objects between buckets or within the same bucket. Currently only objects up to 5GB can be moved using the API.
When moving an object, the owner of the new object will be the user who initiated the move operation. Once the object is moved, the original object will no longer exist.
### Moving objects within the same bucket
To move an object within the same bucket, you can use the `move` method.
```javascript
import { createClient } from '@supabase/supabase-js'
const supabase = createClient('your_project_url', 'your_supabase_api_key')
// ---cut---
const { data, error } = await supabase.storage
.from('avatars')
.move('public/avatar1.png', 'private/avatar2.png')
```
### Moving objects across buckets
To move an object across buckets, use the `move` method and specify the destination bucket.
```javascript
import { createClient } from '@supabase/supabase-js'
const supabase = createClient('your_project_url', 'your_supabase_api_key')
// ---cut---
await supabase.storage.from('avatars').move('public/avatar1.png', 'private/avatar2.png', {
destinationBucket: 'avatars2',
})
```
## Permissions
To **copy** objects, users need `select` permission on the source object and `insert` permission on the destination object. If the user also has `update` permission, the copy can be performed as an upsert, which will overwrite the destination object if it already exists.
To **move** objects, users need `select` and `update` permissions on the object.
For example:
```sql
create policy "User can select their own objects (in any buckets)"
on storage.objects
for select
to authenticated
using (
owner_id = (select auth.uid())
);
create policy "User can insert in their own folders (in any buckets)"
on storage.objects
for insert
to authenticated
with check (
(storage.folder(name))[1] = (select auth.uid())
);
create policy "User can update their own objects (in any buckets)"
on storage.objects
for update
to authenticated
using (
owner_id = (select auth.uid())
);
```
Reference in New Issue View Git Blame Copy Permalink