Advanced role systems similar to discord
Hey, I'm creating a chat app which shares a lot of features with Discord for a client. specifically, the roles feature
I want to create dynamic roles that can be added to users that allow the users to do certain actions in certain channels. For example, a role called "Advanced" would allow users to add reactions to messages in Channel A and Channel B, or create threads in Channel B, depending on configuration set by chat admins.
I'm wondering how to set up access policies for this. Here's where I'm heading...
I'd create these tables...
*
*
*
So for example to check if user can create a reaction to a message in a channel... I'd have role named "Reactors" with an assignment to a user, and there'd be a role_channel_permission for permission to "react" on Reactors role_id in a given channel.
Then the question is how to model the row level security for this?
I want to only allow insertion of the
Anyone have any examples of these "nested access policies with joins"?
Otherwise I know i could just write supabase functions to do this but it seems like something I could model with access policies...
I want to create dynamic roles that can be added to users that allow the users to do certain actions in certain channels. For example, a role called "Advanced" would allow users to add reactions to messages in Channel A and Channel B, or create threads in Channel B, depending on configuration set by chat admins.
I'm wondering how to set up access policies for this. Here's where I'm heading...
I'd create these tables...
*
roleidname*
role_user_assignmentrole_iduser_id*
role_channel_permissionpermission"react" "reply_in_thread"channel_idrole_idSo for example to check if user can create a reaction to a message in a channel... I'd have role named "Reactors" with an assignment to a user, and there'd be a role_channel_permission for permission to "react" on Reactors role_id in a given channel.
Then the question is how to model the row level security for this?
I want to only allow insertion of the
message_reaction"react"Anyone have any examples of these "nested access policies with joins"?
Otherwise I know i could just write supabase functions to do this but it seems like something I could model with access policies...
