how does RLS propagate with postgres views? do they inherit the RLS from the underlying tables or are they public? i noticed that in the supabase control panel that there are not RLS options for views.
Asked chatgpt and it answered: In theory, you could use the `id` column of the `auth.users` table as a reference in your own table instead of creating a separate `user_id` column. However, there are a few reasons why it's generally better to use a separate `user_id` column: 1. Clarity: By using a separate `user_id` column, it's immediately clear to anyone looking at your table that this column is a foreign key referencing the `auth.users` table. Using the `id` column could be confusing, as it's not immediately clear where that ID is coming from. 2. Flexibility: If you later decide to switch to a different authentication provider or roll your own authentication system, you may need to change the structure of your user IDs. By using a separate `user_id` column, you can make this change without affecting any other tables in your database. 3. Performance: Depending on the size of your `auth.users` table, using the `id` column as a reference could be slower than using a separate `user_id` column. This is because the `id` column is not indexed by default, so looking up a specific user by their `id` could be slower than looking up a specific user by their `user_id`. Overall, while it's technically possible to use the `id` column as a reference in your own table, using a separate `user_id` column is generally considered a best practice.
@@svennpetter I couldn't say better. In short: user_id is a business logic named key. ID represents ID of an object while USER_ID indicates we are refering this ID to a user.
I need to access to my database from a Wordpress automatically. So, if I only let access to authenticate users… how can I authenticated my Wordpress automatically?
Hello, I have an application made with react js and Supabase I would like to know how I can make it so that the administrator profile can create, edit, update, delete seller type profile users, that is, so that seller type users can enter or authenticate in the application they have to be previously created by the administrator from their profile, the administrator provides the seller-type users with a name and password by another means, whether paper or other means, and the users enter the data provided by the administrator and if they are correct, they enter to your seller profile, how can I implement this functionality using only react js and Supabase, without needing to use Node js and express
I have a doubt. Lets say I have RLS enabled on table Users. This table will hold the details of my application users. It has columns like Name, email, phone and role. The role can either be customer or admin. Now I want a RLS policy that allows the logged in user(customer) to get only that users details. Customer should not have access to any other users details. If the logged in user is an admin then the admin should have access to any user in the database. How do I define this policy?
Hi!! Thank you so much! How can we create a custom role, add it to a user and then create a policy for it?
You are the best teacher, omg
Thanks my friend !
Thank you very much! Saved my day with your awesome explanation!
No problem man
Great video! Very well explained. Thank you!
you are the best
Yes yes yes 🔥
Awesome explanation!
Awesome presentation. Very clear 👍👍👍
Thanks Russell !
AWESOME! LOVE your tutorials! 👍
how does RLS propagate with postgres views? do they inherit the RLS from the underlying tables or are they public? i noticed that in the supabase control panel that there are not RLS options for views.
Yes they propagate (if I understood what you meant)
@@codewithguillaume awesome. i have a DBA background so i like to keep as much as possible postgres server side.
Great video! One question: Why is user_id necessary when id is already there in the first column? (What's the difference?)
Asked chatgpt and it answered:
In theory, you could use the `id` column of the `auth.users` table as a reference in your own table instead of creating a separate `user_id` column. However, there are a few reasons why it's generally better to use a separate `user_id` column:
1. Clarity: By using a separate `user_id` column, it's immediately clear to anyone looking at your table that this column is a foreign key referencing the `auth.users` table. Using the `id` column could be confusing, as it's not immediately clear where that ID is coming from.
2. Flexibility: If you later decide to switch to a different authentication provider or roll your own authentication system, you may need to change the structure of your user IDs. By using a separate `user_id` column, you can make this change without affecting any other tables in your database.
3. Performance: Depending on the size of your `auth.users` table, using the `id` column as a reference could be slower than using a separate `user_id` column. This is because the `id` column is not indexed by default, so looking up a specific user by their `id` could be slower than looking up a specific user by their `user_id`.
Overall, while it's technically possible to use the `id` column as a reference in your own table, using a separate `user_id` column is generally considered a best practice.
@@svennpetter I couldn't say better. In short: user_id is a business logic named key. ID represents ID of an object while USER_ID indicates we are refering this ID to a user.
I need to access to my database from a Wordpress automatically. So, if I only let access to authenticate users… how can I authenticated my Wordpress automatically?
❤❤❤
Hello, I have an application made with react js and Supabase I would like to know how I can make it so that the administrator profile can create, edit, update, delete seller type profile users, that is, so that seller type users can enter or authenticate in the application they have to be previously created by the administrator from their profile, the administrator provides the seller-type users with a name and password by another means, whether paper or other means, and the users enter the data provided by the administrator and if they are correct, they enter to your seller profile, how can I implement this functionality using only react js and Supabase, without needing to use Node js and express
I have a doubt.
Lets say I have RLS enabled on table Users. This table will hold the details of my application users. It has columns like Name, email, phone and role. The role can either be customer or admin.
Now I want a RLS policy that allows the logged in user(customer) to get only that users details. Customer should not have access to any other users details. If the logged in user is an admin then the admin should have access to any user in the database. How do I define this policy?
👍👍👍👍