search

PostgREST / postgrest-docs

This repo is archived and will be merged into postgrest/postgrest soon.
http://postgrest.org
MIT License
365 stars 164 forks source link

Recommend using `row_security = off` for starting up with RLS #749

Closed steve-chavez closed 4 months ago

steve-chavez commented 5 months ago

Problem

RLS filters rows silently, this trips a lots of newcomers when trying PostgREST on a table with RLS enabled. See https://github.com/PostgREST/postgrest/discussions/3189

Solution

Recommend using row_security, this will give a clear error when enabled.

alter role postgrest_test_anonymous set row_security to 'off';
alter table projects enable row level security;
curl localhost:3000/projects

HTTP/1.1 401 Unauthorized
{"code":"42501","details":null,"hint":null,"message":"query would be affected by row-level security policy for table \"projects\""}

Perhaps we should add a Prefer: row-security so users can activate it per request?

wolfgangwalther commented 5 months ago

Wait, this is not useful in real code, right? This can only be a debugging hint in a case "I don't see any rows", correct?

steve-chavez commented 5 months ago

Yes, it's only a debugging hint. I'm not sure what's the right way, I also thought of a special response header like: 

GET /projects

X-Pgrst-Affected-By-RLS: true
[]

Which could be added automatically by us by checking if the table has RLS and if the impersonated role would be affected.

wolfgangwalther commented 5 months ago

While I can understand that we want to help our users.. I don't think we need to solve all of the problems for them. When they are advanced enough to enable and use RLS - then they should be able to debug this without PostgREST.