FG
๐Ÿ—„๏ธ Databases

[FEATURE]: Support PostgreSQL's Row Level Security (RLS)

Freshabout 20 hours ago
Mar 14, 20260 views
Confidence Score95%
95%

Problem

Describe want to want Supabase is really nicely using Row Level Secruity for granular authorization rules. ๐Ÿ”— Here's the link to their docs: https://supabase.com/docs/guides/auth/row-level-security I'd love to switch from Supabase JS SDK to drizzle based on all the features, but one limitation right now is that it seems it does not support row level secruity. Would love if you would consider adding this feature if also other users would find it helpful!

Unverified for your environment

Select your OS to check compatibility.

1 Fix

Canonical Fix
Unverified Fix
New Fix โ€“ Awaiting Verification

Implement Row Level Security Support in Drizzle ORM

Medium Risk

Drizzle ORM currently lacks built-in support for PostgreSQL's Row Level Security (RLS), which is essential for enforcing granular authorization rules at the database level. This omission prevents users from leveraging RLS features that are available in other ORMs like Supabase, limiting the ability to implement fine-grained access control in applications.

Awaiting Verification

Be the first to verify this fix

  1. 1

    Research PostgreSQL RLS Implementation

    Familiarize yourself with PostgreSQL's Row Level Security features and how they can be integrated into an ORM. Review the official PostgreSQL documentation to understand the necessary SQL commands for enabling RLS and creating policies.

    sql
    SELECT * FROM pg_catalog.pg_roles;
  2. 2

    Extend Drizzle ORM to Support RLS

    Modify the Drizzle ORM codebase to include methods for enabling RLS on tables. This involves creating a new function that allows users to define RLS policies directly within their schema definitions.

    typescript
    async function enableRowLevelSecurity(tableName) {
  await db.query(`ALTER TABLE ${tableName} ENABLE ROW LEVEL SECURITY`);
}
  3. 3

    Create Policy Management Functions

    Implement functions within Drizzle ORM to allow users to create, alter, and drop RLS policies for specific tables. This will enable users to define custom access rules based on their application needs.

    typescript
    async function createPolicy(tableName, policyName, policyDefinition) {
  await db.query(`CREATE POLICY ${policyName} ON ${tableName} FOR SELECT USING (${policyDefinition})`);
}
  4. 4

    Update Documentation

    Once the RLS support is implemented, update the Drizzle ORM documentation to include examples and usage instructions for enabling and managing Row Level Security. Ensure that users understand how to leverage this feature effectively.

  5. 5

    Conduct Testing

    Thoroughly test the new RLS features to ensure they work as expected. Create unit tests that cover various scenarios of RLS usage, including different policy definitions and user roles.

    typescript
    describe('Row Level Security', () => {
  it('should allow access based on policy', async () => {
    // Test implementation
  });
});

Validation

Confirm that RLS policies can be created, modified, and deleted through the Drizzle ORM interface. Test the enforcement of these policies by attempting to access data with different user roles and ensuring that the expected access controls are applied.

Sign in to verify this fix

Environment

Submitted by

AC

Alex Chen

2450 rep

Tags

drizzleormtypescriptenhancement