Row Level Security #4
Description
Hi @mkorobkov,
Thanks for the repo is really helpful 👍
I have a question how to integrate Postgres SQL Row Level Security with this repo. When using Slonik I used to use interceptors like this to intercept the pool connection, Reset ALL and then set the new value for the RLS:
export const SlonikInterceptors: Interceptor[] = [
{
afterPoolConnection: async (connectionContext, connection) => {
const organizationId = RequestContextService.getOrganizationId();
Logger.debug(`organizationId: ${organizationId}`);
if (!organizationId) {
throw new NoOrganizationIdRequestContextError(
'The organizationId is Empty in the RequestContextService object !',
);
}
await connection.query(
sql`SET myDsn.organization_id = ${sql.identifier([organizationId])};`,
);
return null;
},
},
{
beforePoolConnectionRelease: async (
connectionContext,
connection,
) => {
await connection.query(sql`RESET ALL;`);
return null;
},
},
];
I am facing hard time to figure out how I can keep doing the same thing while using this repo. those are the hard points I am facing:
- Since the Pool is created and connected to DB at the application start up, I don't know yet the organizationID. The organizationID is parsed from the JWT Token of the request
- It seems that the pool created is "singleton", so It will be connected to the DB just once. afterPoolConnection and beforePoolConnectionRelease are then not good to implement the RLS
Do you have please any thoughts on this ?
Best regards,