Implementing row-level security
To control the user's access to the specific table rows, you can implement role-based access in the table.
Example
Let's consider a scenario with a "products" table:
1
101
Laptop
$999
2
102
Smartphone
$599
3
103
Smartwatch
$199
4
102
Camera
$449
In this case, the users are associated with specific categories, and you want to implement row-level security to ensure that each user only sees products within their assigned category. The "user_categories" table could look like this:
alice@example.com
101
Alice
bob@example.com
102
Bob
jane@example.com
103
Jane
To ensure that users only see products that are allowed for them, we can filter the product categories based on the currently logged-in user:
This query would ensure that when Alice, for example, accesses product data, she only sees products within the category assigned to her (category_id = 101).
By default, UI Bakery ensures that the parameterized request received by the server matches the currently logged-in user's email {{user.email}}
for security purposes, meaning that this variable cannot be altered from the client side.
Last updated