Allowing use of postgres row level security in prest api by using set role translation #813
Unanswered
jeremybusk
asked this question in
API Server
Replies: 1 comment 3 replies
-
That's a great idea, it takes the responsibility off the provider to manage username and password, using the Postgres authentication gear it is really not on the short-term roadmap to implement this functionality I see this option being optional, the user (admin, dev, etc) configures what will be the authentication gear Do you have the knowledge to implement it? |
Beta Was this translation helpful? Give feedback.
3 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
The closest I could find is #549
I'm new to prest and newer to go but I don't think this will help me exactly with what I'd like.
I would like an easy way in prest to set mapping for authenticated users in order to use postgres row level security. You could have prest database owner/admin user of database that could do set role {{row level security user}}. This way you could use native row level security in postgres without having to use other mechanisms. Users could query rest api or postgres sql depending on their needs.
Say you have a Postgres database with a table like below and you are logged in as owner or super user of database.
You then enable row level security, user and add some inserts to the table.
Add my users to prest_users (this could be some different database if desired if wanted serperate.
Now when I run my query I would only run as my prest_user name, equivalent of set role command in postgres.
Any thoughts on this. I'm just trying to push as much functionality to postgres in order to make security and management easier. This might not be in scope of app or I might have to use the middleware but not sure how to do that exactly using middlewares.
This is a great project I've been hoping would start for years.
Beta Was this translation helpful? Give feedback.
All reactions