|
|
|
|
|
|
by ishanr
1421 days ago
|
|
|
I use RLS quite heavily for my app Sudopad (https://sudopad.com) and it has been working quite well so far. One gotcha specific to Supabase (where I run the backend) is because there is no anonymous login in Supabase, turning on RLS and using database functions marked as security definers are the way to go. Otherwise there is no easy way of stopping a 'select * from x' since some rows might not have a user_id if they are anonymous and I still want people to access the row if they know a specific primary key uuid. |
|
|