IHP Api Reference
Copyright(c) digitally induced GmbH 2021
Safe HaskellNone

IHP.DataSync.Role

Description

The default user that creates a table in postgres always has access to all rows inside the table. The default user is not restricted to the RLS policies.

Therefore we need to use a second role whenever we want to make a query with RLS enabled. Basically for every query we do, we'll wrap it in a transaction and then use 'SET LOCAL ROLE ..' to switch to our second role for the duration of the transaction.

Documentation

doesRoleExists :: (?modelContext :: ModelContext) => Text -> IO Bool Source #

ensureAuthenticatedRoleExists :: (?context :: context, ConfigProvider context, ?modelContext :: ModelContext) => IO () Source #

createAuthenticatedRole :: (?modelContext :: ModelContext) => Text -> IO () Source #

grantPermissions :: (?modelContext :: ModelContext) => Text -> IO () Source #

authenticatedRole :: (?context :: context, ConfigProvider context) => Text Source #