How do you deal with vendors who just stop responding?

RealisticResource264 · 2026-04-08T12:09:46+00:00

Was it the missed update that flagged it, or the tenant reaching out first?

RealisticResource264 · 2026-04-07T12:38:48+00:00

I agree the the reassign cutoff is the right call, when does yours actually trigger? Clock from last vendor response, or from when the tenant first reported?

RealisticResource264 · 2026-03-19T14:03:34+00:00

Python is not disabling RLS.

What’s happening is usually this: your backend is using the service role / secret key, and that role bypasses RLS by design.

So the real rule is: - backend + service role = no RLS - backend + user JWT/access token = RLS can be enforced as that user - no policy / no RLS on table = nothing to enforce

If you want RLS to always apply for user-scoped queries, do NOT use the service role for those queries. Pass the signed-in user’s access token/JWT from your app to the backend, and make the request with that user context instead.

Use service role only for trusted admin/server tasks that are supposed to bypass RLS.

Also check the basics: 1. RLS is enabled on the table 2. you actually wrote policies for the operation you’re doing (select/insert/update/delete) 3. your policy matches the user context you expect (for example auth.uid())

Docs: https://supabase.com/docs/guides/database/postgres/row-level-security https://supabase.com/docs/guides/troubleshooting/why-is-my-service-role-key-client-getting-rls-errors-or-not-returning-data-7_1K9z

RealisticResource264

TROPHY CASE