IHP Api Reference
Safe HaskellNone

IHP.DataSync.RowLevelSecurity

Synopsis

Documentation

ensureRLSEnabled :: (?modelContext :: ModelContext) => Text -> IO TableWithRLS Source #

Returns a proof that RLS is enabled for a table

hasRLSEnabled :: (?modelContext :: ModelContext) => Text -> IO Bool Source #

Returns True if row level security has been enabled on a table

RLS can be enabled with this SQL statement:

ALTER TABLE my_table ENABLE ROW LEVEL SECURITY;

After this hasRLSEnabled will return true:

>>> hasRLSEnabled "my_table"
True

data TableWithRLS Source #

Can be constructed using ensureRLSEnabled

tableWithRLS <- ensureRLSEnabled "my_table"

Useful to carry a proof that the RLS is actually enabled

makeCachedEnsureRLSEnabled :: (?modelContext :: ModelContext) => IO (Text -> IO TableWithRLS) Source #

Returns a factory for ensureRLSEnabled that memoizes when a table has RLS enabled.

When a table doesn't have RLS enabled yet, the result is not memoized.

Example:

-- Setup
ensureRLSEnabled <- makeCachedEnsureRLSEnabled

ensureRLSEnabled "projects" -- Runs a database query to check if row level security is enabled for the projects table

-- Asuming 'ensureRLSEnabled "projects"' proceeded without errors:

ensureRLSEnabled "projects" -- Now this will instantly return True and don't fire any SQL queries anymore

sqlQueryWithRLS :: (?modelContext :: ModelContext, ToRow parameters, ?context :: ControllerContext, userId ~ Id CurrentUserRecord, Show (PrimaryKey (GetTableName CurrentUserRecord)), HasNewSessionUrl CurrentUserRecord, Typeable CurrentUserRecord, ?context :: ControllerContext, HasField "id" CurrentUserRecord (Id' (GetTableName CurrentUserRecord)), ToField userId, FromRow result) => Query -> parameters -> IO [result] Source #