Implementing row-level security

To control the user's access to the specific table rows, you can implement role-based access in the table.

Example

Let's consider a scenario with a "products" table:

category_id

product_name

price

In this case, the users are associated with specific categories, and you want to implement row-level security to ensure that each user only sees products within their assigned category. The "user_categories" table could look like this:

user_email

category_id

name

To ensure that users only see products that are allowed for them, we can filter the product categories based on the currently logged-in user:

SELECT p.*
FROM products p
JOIN user_categories uc ON p.category_id = uc.category_id
WHERE uc.user_email = {{ user.email }}

This query would ensure that when Alice, for example, accesses product data, she only sees products within the category assigned to her (category_id = 101).

By default, UI Bakery ensures that the parameterized request received by the server matches the currently logged-in user's email {{user.email}} for security purposes, meaning that this variable cannot be altered from the client side.

PreviousUsing external JS libraries NextCustom code

Last updated 1 month ago