@rls

Row-Level Security policies for PostgreSQL

Postgres

Example

Input SQL

sql

-- @rls
-- @rls.policy(for: SELECT, to: authenticated, using: 'user_id = current_user_id()')
-- @rls.policy(for: ALL, to: admin, using: 'true')
CREATE TABLE documents (
  id SERIAL PRIMARY KEY,
  user_id INTEGER NOT NULL,
  title TEXT NOT NULL,
  content TEXT
);

Compiled Output

sql

ALTER TABLE "documents" ENABLE ROW LEVEL SECURITY;

CREATE POLICY "documents_authenticated_select" ON "documents"
  FOR SELECT
  TO authenticated
  USING (user_id = current_user_id());

CREATE POLICY "documents_admin_all" ON "documents"
  FOR ALL
  TO admin
  USING (true);

Tags

`@rls.policy`

Create a row-level security policy (requires @rls on the table)

Targets: table

Arguments:

Name	Type	Required	Values
for	`string`	No	—
to	`string`	No	—
using	`string`	No	—
check	`string`	No	—

`@rls`

Enable row-level security on this table

Targets: table

Arguments: No arguments.

Lint Rules

`rls.require-policy`

Public tables should have RLS enabled

Default severity: warn

@rls

Example ​

Tags ​

@rls.policy ​

@rls ​

Lint Rules ​