I didn't know we could also impersonate users from Supabase, that's a huge help. Also pls a video about creating customs roles, and how they relate to auth.users if there is any relation, because I don't know if we should be modifying that.
This is great. Thanks for the hard work! I also find defining functions a bit jarring as a new user. For instance to inserting multiple records relational queries is a common use case that's not that easy to do out of the box. An AI tool for functions and some advanced examples with `plpgsql` or how to properly use sql in functions would be greatly appreciated. Or an alternative would be to provide the supabase sdk to allow for nested inserts (for relational queries) would be a huge unlock (like it's possible with Prisma if you google: Prisma Relational Queries: Nested Writes)
Great feedback! 🙌 Supabase AI is also available in the SQL Editor so it can help you write your Postgres functions. I am also putting together a bunch of Postgres theory content for next year so will make sure all of this is covered!
The impersonation feature only works with supabase auth and not next-auth, correct ? Also, the ai assistant is so cool but does it have hallucinations like Chatgpt ?
I haven't played with next-auth for a while, but if it doesn't enforce regular RLS policies, then the impersonation feature won't match what a user in next-auth would get back. Also, I don't think next-auth uses the auth.users table so your next-auth users will probably not show up under the impersonation tab - again, haven't tested this so it might work perfectly! 🙂 We recommend checking the AI suggestion is what you want to do before running the SQL, as it may get a little "creative" 👍
Apparently: Supabase introduced a feature that used AI to generate Row Level Security (RLS) policies at the beginning of 2024. However, this feature is no longer available. The removal may be related to several challenges and limitations associated with RLS policies and their implementation. RLS policies in Supabase can become complex and challenging to manage, especially when dealing with performance issues and maintaining consistency across different parts of the application. There have been reports of difficulties in testing and debugging these policies, as well as issues with maintaining a good developer experience  . Additionally, there are specific technical hurdles related to RLS, such as the need for duplicating policy filters in application code and ensuring that policies are correctly applied without impacting performance . Given these complexities, it’s possible that Supabase decided to remove the AI-generated RLS policy feature to focus on more stable and manageable solutions. For current best practices on implementing RLS in Supabase, you can refer to their official documentation.
I've been struggling so hard just to implement a simple insert, select, update, and delete. It's crazy there's no default RLS with just applied "authenticated" using "true", and it working out of the box. I've never seen such "secure"/tied down system to a sql database before.
I use DrizzleORM and connect to my DB with a connection string. I have enabled RLS and haven't created a policy but I'm still able to query the data on my website. Why is this?
My question IS : How to insert a Record that has is_published set to false? Never understood why The selected policy always run after an update. It reduces so much the Power of this approach
Why is your UI for creating a new policy so different from mine? When I click New Policy it brings up the modal with templates or from scratch options.
Hi there! Thanks for the vid. I am having trouble using Supabase with Buildship. Even when I enable RLS, use a policy I get null. I disable RLS, I still get null. These happen both for using anon key and the service role secret key.. Do you have any idea why this is happening and how to fix it?
am new to supabase and postgres , while i loved it at first i hated rls for more complicated schemas like for exp user owns a store and a store has its own categories how do i write a policy for only store owners can add categories when they don't have direct relationship
Through RLS I have acheive user_permission design. With this I can control which user can select, insert and update or delete from a table's boolean value ,,user wise row.
This is just the first announcement of Supabase Launch Week X.
Read the blog post here: supabase.com/blog/studio-introducing-assistant?
And more Launch week announcements here: supabase.com/launch-week?
@@Supabase spicy
I didn't know we could also impersonate users from Supabase, that's a huge help. Also pls a video about creating customs roles, and how they relate to auth.users if there is any relation, because I don't know if we should be modifying that.
my UI does not match the UI in this video. Not sure if this version of Supabase is outdated?
This is great! I really like the impersonation feature. It’s always a pain to test different levels of access.
Yeah, I agree! This is going to save me so much time! 🎉
@@JonMeyers the kinda thing you don't realize how much it was missing until it's there!
I was just playing around with user impersonation, and wow it's easy to use and powerful.
Yeah I honestly love this feature!
Those impersonate tool and ai assitant are damn good ! Makes me want to deep dive on RLS !
Yeah, it’s going to save me so much time! 🚀
OMGGGGG I literally suggested this on Twitter/X, I had no clue you were actually implementing it.
Terrific stuff, very well presented. Thanks!
This is awesome, the Supabase Dashboard is becoming so incredibly powerful 🙌
Love This!
Glad you enjoyed it! 🙌 Much more coming over the next few days!
awesome feature 🤙
It’s one of my favourites so far! 🚀
Awesome video!
Thanks! 🙌 Glad you enjoyed it! What do you want to see next?
@@JonMeyers RLS also set a limit of registers?
This is great. Thanks for the hard work! I also find defining functions a bit jarring as a new user. For instance to inserting multiple records relational queries is a common use case that's not that easy to do out of the box. An AI tool for functions and some advanced examples with `plpgsql` or how to properly use sql in functions would be greatly appreciated. Or an alternative would be to provide the supabase sdk to allow for nested inserts (for relational queries) would be a huge unlock (like it's possible with Prisma if you google: Prisma Relational Queries: Nested Writes)
Great feedback! 🙌 Supabase AI is also available in the SQL Editor so it can help you write your Postgres functions. I am also putting together a bunch of Postgres theory content for next year so will make sure all of this is covered!
Jon is here!
Let’s get into it!
User Impersonation: brilliant
Awesome but when will it be available for local Dev, which is where we really need this?
The impersonation feature only works with supabase auth and not next-auth, correct ? Also, the ai assistant is so cool but does it have hallucinations like Chatgpt ?
I haven't played with next-auth for a while, but if it doesn't enforce regular RLS policies, then the impersonation feature won't match what a user in next-auth would get back. Also, I don't think next-auth uses the auth.users table so your next-auth users will probably not show up under the impersonation tab - again, haven't tested this so it might work perfectly! 🙂
We recommend checking the AI suggestion is what you want to do before running the SQL, as it may get a little "creative" 👍
Apparently: Supabase introduced a feature that used AI to generate Row Level Security (RLS) policies at the beginning of 2024. However, this feature is no longer available. The removal may be related to several challenges and limitations associated with RLS policies and their implementation.
RLS policies in Supabase can become complex and challenging to manage, especially when dealing with performance issues and maintaining consistency across different parts of the application. There have been reports of difficulties in testing and debugging these policies, as well as issues with maintaining a good developer experience  .
Additionally, there are specific technical hurdles related to RLS, such as the need for duplicating policy filters in application code and ensuring that policies are correctly applied without impacting performance .
Given these complexities, it’s possible that Supabase decided to remove the AI-generated RLS policy feature to focus on more stable and manageable solutions. For current best practices on implementing RLS in Supabase, you can refer to their official documentation.
I've been struggling so hard just to implement a simple insert, select, update, and delete. It's crazy there's no default RLS with just applied "authenticated" using "true", and it working out of the box. I've never seen such "secure"/tied down system to a sql database before.
I use DrizzleORM and connect to my DB with a connection string. I have enabled RLS and haven't created a policy but I'm still able to query the data on my website. Why is this?
My question IS : How to insert a Record that has is_published set to false? Never understood why The selected policy always run after an update. It reduces so much the Power of this approach
Why is your UI for creating a new policy so different from mine? When I click New Policy it brings up the modal with templates or from scratch options.
Same for me. This video seems to be outdated
Hi there! Thanks for the vid. I am having trouble using Supabase with Buildship. Even when I enable RLS, use a policy I get null. I disable RLS, I still get null. These happen both for using anon key and the service role secret key.. Do you have any idea why this is happening and how to fix it?
is there really a need to enable RLS if I access db only via backend?
What if someone attempts to access your database API directly if they get ahold of the URL?
If you don’t expose your anon key it’s fine. But better be safe than sorry!
am new to supabase and postgres , while i loved it at first i hated rls for more complicated schemas
like for exp user owns a store and a store has its own categories
how do i write a policy for only store owners can add categories when they don't have direct relationship
I cant see the AI chat on policies
How to make page views with NextJs and Supabase?
🚀
🤖🚀🚀
I don't have this feature.
Enabling RLS strict live changes
Could you please stop shaking your body. It's distracting from what you're saying!
Through RLS I have acheive user_permission design. With this I can control which user can select, insert and update or delete from a table's boolean value ,,user wise row.
🔥 🆇
4 more to go! Plus all those other one more things! 😆
There's always one more thing(s)
Great video!