Implementing row-level security

UI Bakery allows you to control user access to specific table rows for security purposes. This can be achieved by implementing role-based access in the table.

Let's consider a scenario with the products table:

id
category_id
product_name
price

1

101

Laptop

$999

2

102

Smartphone

$599

3

103

Smartwatch

$199

4

102

Camera

$449

Here, each category is associated with a specific user, so basically users should be able to see only the products within their assigned category. The user_categories table could look like this:

user_email
category_id
name

This is the case when you would want to implement row-level security to ensure that users only see the products that are allowed for them. To do so, you can filter the product categories based on the currently logged-in user:

SELECT p.*
FROM products p
JOIN user_categories uc ON p.category_id = uc.category_id
WHERE uc.user_email = {{ user.email }}

This query would ensure that when user Alice accesses product data, they would only see the products within the category assigned to them (for Alice it's category_id = 101).

Last updated

Was this helpful?