Row Level Security
Row Level Security (RLS) is a feature in VulcanSQL that allows you to control access to individual rows in a table based on the characteristics of the user who is accessing the data. With RLS, you can define a set of rules that determine which users can see which rows in a table.
To implement RLS in VulcanSQL, user attributes can be conveniently included in the WHERE
clause to constrain the data a user can access. For instance, if you wish to permit a user to access only data associated with their department, the following query can be utilized:
SELECT * FROM employees
WHERE department = {{ context.user.attr.department }}
Moreover, you can generate an error if a user attempts to access data they are not authorized to view:
For example, to prevent interns from accessing data after 2023, the following query can be employed:
{% if context.user.attr.department = 'intern' and context.params.year < 2023 %}
{% error "OUT_OF_LIMITED" %}
{% endif %}