Introduction
Row Level Security (RLS) lets you define access control policies at the row level within tables. This means that you can specify which users can SELECT, INSERT, UPDATE, or DELETE rows based on the actual data within the row.
Example
Suppose we have a table like this:
CREATE TABLE client (
  client_id INT PRIMARY KEY,
  client_name VARCHAR(255) NOT NULL,
  email VARCHAR(255),
  registration_date DATE DEFAULT CURRENT_DATE
);
To enable ROW LEVEL SECURITY on the table we do this:
ALTER TABLE client ENABLE ROW LEVEL SECURITY;
Then we create the policy like this:
DROP POLICY IF EXISTS client_isolation_policy ON client;
CREATE POLICY client_isolation_policy ON client
  USING (current_user = CONCAT('appuser_', client_id::text));
If 'appuser_' concatenated with the client_id column value equals current_user, the row is shown to the user.
create user appuser_1001 WITH ENCRYPTED PASSWORD 'password';
GRANT connect on database sample_db to appuser_1001;
GRANT USAGE ON SCHEMA public TO appuser_1001;
GRANT select on all tables in schema public to appuser_1001;
GRANT INSERT,UPDATE ON all tables in schema public TO appuser_1001;
The root or postgres user is not affected and can see everything.
select * from client c ;
client_id|client_name|email          |registration_date|
---------+-----------+---------------+-----------------+
     1001|Client 1001|abc@example.com|       2023-10-17|
     1002|Client 1002|abc@example.com|       2023-10-17|
The appuser_1001 user can only see rows whose client_id value is 1001.
select * from client c ;
client_id|client_name|email          |registration_date|
---------+-----------+---------------+-----------------+
     1001|Client 1001|abc@example.com|       2023-10-17|
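
One way to check that the policy behaves as described, added here as an example and not part of the original post. It assumes the client table, the client_isolation_policy policy and the appuser_1001 role from this page, a superuser session, and constructed values (client_id 1003, the test e-mail address); it goes slightly beyond the page by also covering the table owner, who bypasses policies unless FORCE ROW LEVEL SECURITY is set.

```sql
-- Added example: audit and exercise client_isolation_policy (run as a superuser).

-- 1. Is RLS enabled on the table, and is it forced for the table owner?
SELECT relname, relrowsecurity, relforcerowsecurity
FROM pg_class
WHERE oid = 'public.client'::regclass;

-- 2. Inspect the policy. A policy created without FOR and without WITH CHECK
--    covers all commands, and its USING expression is also applied to rows
--    written by INSERT and UPDATE.
SELECT policyname, roles, cmd, qual, with_check
FROM pg_policies
WHERE schemaname = 'public' AND tablename = 'client';

-- 3. Roles that skip every policy: superusers and roles with BYPASSRLS.
SELECT rolname, rolsuper, rolbypassrls
FROM pg_roles
WHERE rolsuper OR rolbypassrls;

-- 4. The table owner also skips policies unless RLS is forced.
--    Superusers and BYPASSRLS roles still bypass it after this.
ALTER TABLE client FORCE ROW LEVEL SECURITY;

-- 5. Exercise the policy as appuser_1001; everything is rolled back at the end.
BEGIN;
SET LOCAL ROLE appuser_1001;   -- current_user is now appuser_1001

-- Read path: the policy filters out every row except client_id 1001.
SELECT client_id, client_name FROM client;

-- Write path on a hidden row: client_id 1002 is not visible to this role,
-- so the UPDATE finds nothing to change.
UPDATE client SET email = 'changed@example.com'   -- constructed value
WHERE client_id = 1002;

-- Write path for a new row: the row fails the policy expression
-- ('appuser_1003' <> current_user), so the INSERT is rejected even though
-- the role holds the INSERT privilege.
SAVEPOINT before_insert;
INSERT INTO client (client_id, client_name)       -- constructed row
VALUES (1003, 'Client 1003');
ROLLBACK TO SAVEPOINT before_insert;

ROLLBACK;
```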