Is Postgres RLS for Everything and Everyone?
What's this blog post about?
The text discusses the use of Postgres RLS (Row-Level Security) for authorization in applications, highlighting its challenges and benefits. While RLS is not the most expressive or easy to use authorization model, it can be effective when used for core authorization checks such as preventing cross-tenant access in multi-tenant B2B SaaS applications. The text also suggests moving the authorization model to a higher-level framework like CASL as data models become more complex.
Company
Neon
Date published
Nov. 15, 2024
Author(s)
David Gomes
Word count
702
Language
English
Hacker News points
5