Use role from user JWT
calj opened this issue · 0 comments
calj commented
Feature request
Use the user role to apply a specific RLS policy to requests.
Problem
We would like to extend supabase-studio and give a finer access control to different users based on their role using PostgreSQL RLS feature.
For the moment supabase-studio is using a single API key to access meta with a full access to the database.
Describe the solution you'd like
We would need to use the user role from his session JWT to apply the correct RLS policy.
This mechanism exists in PostREST service.
Describe alternatives you've considered
Our current alternative is to use PostgREST and RLS for non-admin roles and use supabase-studio core functionalities only to the platform admin, which is very limiting.