
Security & Privacy

Authentication & Authorization

  • Supabase Auth: Email/password authentication
  • Row Level Security (RLS): Database-level access control
  • Role-based Access: Admin, seller, buyer roles
  • JWT Tokens: Secure session management

Data Protection

  • Encryption: All data encrypted at rest and in transit
  • PCI Compliance: Stripe handles payment card data
  • GDPR Compliance: User data rights and deletion
  • Data Retention: Automatic cleanup policies

Security Measures

```sql
-- Example RLS policy
CREATE POLICY "Users can only see own data"
ON profiles FOR SELECT
USING (auth.uid() = id);
```
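The single policy above covers the "own row" case. The example below, added here and not part of the project's own migrations, extends it to the admin/seller/buyer roles listed under Authentication & Authorization. It assumes a `profiles` table with a `role` column and a `listings` table with a `seller_id` column; those column names, the `prevent_role_self_change` trigger and the policy names are hypothetical. `is_admin_user()` is the admin check named elsewhere on this page, written here in a minimal form so the block stands alone.

```sql
-- Added example (not the project's schema): role-based RLS for profiles
-- and listings. Assumed columns: profiles.role in ('admin','seller','buyer'),
-- listings.seller_id referencing the seller's profile.

create table if not exists public.profiles (
  id    uuid primary key references auth.users (id) on delete cascade,
  role  text not null default 'buyer'
        check (role in ('admin', 'seller', 'buyer'))
);

create table if not exists public.listings (
  id         uuid primary key default gen_random_uuid(),
  seller_id  uuid not null references public.profiles (id) on delete cascade,
  title      text not null
);

-- Admin check used by the policies below. SECURITY DEFINER runs it as the
-- function owner, so reading profiles here does not re-trigger the profiles
-- policy (which would otherwise recurse). search_path is pinned so a
-- same-named object in another schema cannot be substituted.
create or replace function public.is_admin_user()
returns boolean
language sql
stable
security definer
set search_path to 'public'
as $$
  select exists (
    select 1 from public.profiles p
    where p.id = auth.uid() and p.role = 'admin'
  );
$$;

-- Deny by default: with RLS enabled and no matching policy, no rows are visible.
alter table public.profiles enable row level security;
alter table public.listings enable row level security;

-- profiles: a user reads/updates only their own row; admins read every row.
create policy "profiles: self or admin read"
  on public.profiles for select
  using (auth.uid() = id or public.is_admin_user());

create policy "profiles: self update"
  on public.profiles for update
  using (auth.uid() = id)
  with check (auth.uid() = id);

-- The update policy alone would let a user promote themselves; block role
-- changes by non-admins at the row level (hypothetical trigger).
create or replace function public.prevent_role_self_change()
returns trigger language plpgsql as $$
begin
  if new.role is distinct from old.role and not public.is_admin_user() then
    raise exception 'role can only be changed by an admin' using errcode = '42501';
  end if;
  return new;
end;
$$;

create trigger profiles_role_guard
  before update on public.profiles
  for each row execute function public.prevent_role_self_change();

-- listings: any signed-in user may browse; only sellers (or admins) may
-- create, and only as themselves; only the owner or an admin may change/delete.
create policy "listings: authenticated read"
  on public.listings for select to authenticated
  using (true);

create policy "listings: seller insert as self"
  on public.listings for insert to authenticated
  with check (
    seller_id = auth.uid()
    and exists (select 1 from public.profiles p
                where p.id = auth.uid() and p.role in ('seller', 'admin'))
  );

create policy "listings: owner or admin update"
  on public.listings for update to authenticated
  using (seller_id = auth.uid() or public.is_admin_user())
  with check (seller_id = auth.uid() or public.is_admin_user());

create policy "listings: owner or admin delete"
  on public.listings for delete to authenticated
  using (seller_id = auth.uid() or public.is_admin_user());
```

Two points worth checking after applying something like this: every table reachable through the API has RLS enabled (a table without it is fully readable with the anon key), and the `with check` clause is present on every INSERT/UPDATE policy, since `using` alone does not constrain the new row values.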

API Security

  • Rate Limiting: Prevent abuse
  • CORS Configuration: Controlled cross-origin access
  • Webhook Validation: Stripe signature verification
  • Input Sanitization: SQL injection prevention

Data-level Masking (Blur Policy)

  • Secure view: public.listing_view_secure applies server-side masking to sensitive listing fields, so clients never receive the raw values.
  • Function: public.can_view_field (STABLE, SET search_path TO 'public') decides whether the caller may see a given field, based on the blurred_fields configuration and the caller's subscription, with a bypass for the listing owner and admins.
  • Admin RPC: public.admin_toggle_blurred_field (SECURITY DEFINER, checks is_admin_user()) modifies the per-plan masking configuration.
  • RLS on blurred_fields: public SELECT; INSERT/UPDATE/DELETE admin-only. Do not expose sensitive listing fields except through the secure view.
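The following is an added, end-to-end illustration of the masking design described above; it is not the project's own migration. It assumes `public.listings` and `public.is_admin_user()` already exist (as on this page), and it invents a concrete shape for the configuration: `blurred_fields(field_name, min_plan)` naming the lowest subscription plan that unlocks each column, and `subscriptions(user_id, plan)`. The plan names (`free`, `basic`, `pro`), the listing columns `contact_email` and `address`, and the function signatures are hypothetical.

```sql
-- Added example (not the project's code). Preconditions: public.listings
-- with seller_id, contact_email, address columns, and public.is_admin_user().

-- Per-field masking configuration: a row here means the column is blurred
-- for callers whose plan is below min_plan. No row means the column is open.
create table if not exists public.blurred_fields (
  field_name  text primary key,
  min_plan    text not null check (min_plan in ('basic', 'pro'))
);

create table if not exists public.subscriptions (
  user_id  uuid primary key,
  plan     text not null default 'free' check (plan in ('free', 'basic', 'pro'))
);

alter table public.blurred_fields enable row level security;
alter table public.subscriptions enable row level security;

-- blurred_fields: anyone may read the configuration; only admins may change it.
create policy "blurred_fields: public read"
  on public.blurred_fields for select using (true);
create policy "blurred_fields: admin write"
  on public.blurred_fields for all
  using (public.is_admin_user()) with check (public.is_admin_user());

-- subscriptions: a user sees only their own plan.
create policy "subscriptions: self read"
  on public.subscriptions for select using (auth.uid() = user_id);

-- STABLE (same inputs, same answer within a statement) and search_path pinned.
-- Not SECURITY DEFINER: it reads only rows the caller is already allowed to see.
create or replace function public.can_view_field(p_field_name text, p_seller_id uuid)
returns boolean
language sql
stable
set search_path to 'public'
as $$
  select
    -- owner and admin bypass
    auth.uid() = p_seller_id
    or public.is_admin_user()
    -- field not configured as blurred at all
    or not exists (select 1 from public.blurred_fields b
                   where b.field_name = p_field_name)
    -- caller's plan ranks at or above the field's minimum plan
    or exists (
      select 1
      from public.blurred_fields b
      join public.subscriptions s on s.user_id = auth.uid()
      where b.field_name = p_field_name
        and array_position(array['free','basic','pro'], s.plan)
            >= array_position(array['free','basic','pro'], b.min_plan)
    );
$$;

-- The secure view is the only read path for sensitive columns. auth.uid()
-- inside can_view_field still resolves to the requesting user's JWT.
create or replace view public.listing_view_secure as
select
  l.id,
  l.seller_id,
  l.title,
  case when public.can_view_field('contact_email', l.seller_id)
       then l.contact_email else '***' end as contact_email,
  case when public.can_view_field('address', l.seller_id)
       then l.address else null end as address
from public.listings l;

-- Close the side door: API roles keep only non-sensitive columns on the base
-- table (column grants must be re-issued after a table-level revoke, since a
-- table-level SELECT grant is not narrowed by a column-level revoke).
revoke select on public.listings from anon, authenticated;
grant select (id, seller_id, title) on public.listings to anon, authenticated;
grant select on public.listing_view_secure to anon, authenticated;

-- Admin-only RPC to change the configuration; the authorization check is
-- inside the function because SECURITY DEFINER bypasses the table policies.
create or replace function public.admin_toggle_blurred_field(p_field_name text, p_min_plan text)
returns void
language plpgsql
security definer
set search_path to 'public'
as $$
begin
  if not public.is_admin_user() then
    raise exception 'not authorized' using errcode = '42501';
  end if;
  if p_min_plan is null then
    delete from public.blurred_fields where field_name = p_field_name;   -- unblur
  else
    insert into public.blurred_fields (field_name, min_plan)
    values (p_field_name, p_min_plan)
    on conflict (field_name) do update set min_plan = excluded.min_plan;
  end if;
end;
$$;

revoke execute on function public.admin_toggle_blurred_field(text, text) from public, anon;
grant execute on function public.admin_toggle_blurred_field(text, text) to authenticated;
```

The view is deliberately not `security_invoker`: the API roles no longer hold SELECT on the sensitive base columns, so an invoker view would fail for them, and the masking decision is carried entirely by `can_view_field`. A quick regression check is to query `public.listings` as `authenticated` with `select=*` and confirm the request is rejected, while the same query against `listing_view_secure` returns masked values.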

Privacy Controls

  • Data Minimization: Collect only necessary data
  • Consent Management: Explicit user consent
  • Access Logs: Track data access and modifications
  • Right to Erasure: User data deletion on request

Storage & Media Security

  • Buckets: use a private bucket for listing images/screenshots (e.g., listing-images)
  • Access: generate short-lived signed URLs for downloads (never expose raw storage paths)
  • Validation: enforce max size (≤5MB), formats (JPG/PNG/WebP), and content checks
  • Caching: CDN caching with conservative TTL; avoid caching signed URLs for long periods
  • Links in UI: store only relative paths/keys; resolve to signed URLs at render-time
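As an added example (not the project's own configuration), the bucket and policy definitions below implement the private-bucket, size and format rules listed above on the Supabase side. It assumes the object key convention `<seller uuid>/<listing id>/<file>`, which is hypothetical, and `public.is_admin_user()` from this page.

```sql
-- Added example (not the project's config): private listing-images bucket
-- with server-side limits, plus storage.objects policies scoped to it.

insert into storage.buckets (id, name, public, file_size_limit, allowed_mime_types)
values (
  'listing-images', 'listing-images',
  false,                                          -- private: no anonymous object URLs
  5 * 1024 * 1024,                                -- 5 MB cap enforced by the Storage API
  array['image/jpeg', 'image/png', 'image/webp']  -- JPG/PNG/WebP only
)
on conflict (id) do update
  set public             = excluded.public,
      file_size_limit    = excluded.file_size_limit,
      allowed_mime_types = excluded.allowed_mime_types;

-- storage.objects already has RLS enabled; without policies nothing is allowed.
-- Uploads: a signed-in user may only write under a folder named by their own uid.
create policy "listing-images: owner upload"
  on storage.objects for insert to authenticated
  with check (
    bucket_id = 'listing-images'
    and (storage.foldername(name))[1] = auth.uid()::text
  );

-- Direct reads: owner or admin only. Buyers never hit this path; they receive
-- short-lived signed URLs minted server-side instead.
create policy "listing-images: owner or admin read"
  on storage.objects for select to authenticated
  using (
    bucket_id = 'listing-images'
    and ((storage.foldername(name))[1] = auth.uid()::text or public.is_admin_user())
  );

create policy "listing-images: owner or admin delete"
  on storage.objects for delete to authenticated
  using (
    bucket_id = 'listing-images'
    and ((storage.foldername(name))[1] = auth.uid()::text or public.is_admin_user())
  );
```

Two caveats: `allowed_mime_types` checks the content type declared by the upload, so the "content checks" in the list above (inspecting the actual bytes) still belong in the upload handler; and signed URLs are generated with a privileged key and are not evaluated against these policies, which is why their TTL and the database-side ownership check on the listing row matter.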

Security Monitoring

  • Failed Login Attempts: Automated blocking
  • Suspicious Activity: Real-time detection
  • Security Audits: Regular penetration testing
  • Vulnerability Scanning: Continuous monitoring

Related: Admin Guide, Operations