10 comments

[ 2.7 ms ] story [ 31.1 ms ] thread
How much should one trust RLS? Reading PostgREST, it looks like you could use a JWT parameter to enforce a policy - whether individual user or group based.

I really love the idea of RLS, but wonder at it's provable security properties.

Not an expert but my impression is that RLS is not only rock solid, but extremely more testable since you can construct sql queries that test virtually any access scenario
RLS is rock solid. That's what Supabase leverages to create access policies and more. They have a very good example of how it works and how powerful it is in their docs: https://supabase.com/docs/guides/database/postgres/row-level...
Last I looked (several versions ago) RLS for `UPDATE`s was not great. Checking now... I see the same problem remains for `UPDATE`s, that you can't see old and new values for the affected row in the policy code. The workaround, when you need to see the old and new values, is to use a `TRIGGER`.
(comment deleted)
You don't have to use RLS. You can do permissioning in VIEWs and TRIGGERs.
We've been using this quite effectively for building some internal simulation tooling; being able to create a view/stored procedure and instantly having an endpoint for it is pretty magical, and has let us focus more on the product and less on the database. The filtering capabilities in the URL parameters are pretty nice as well!
(comment deleted)