Advanced role systems similar to discord
Hey, I'm creating a chat app which shares a lot of features with Discord for a client. specifically, the roles feature
I want to create dynamic roles that can be added to users that allow the users to do certain actions in certain channels. For example, a role called "Advanced" would allow users to add reactions to messages in Channel A and Channel B, or create threads in Channel B, depending on configuration set by chat admins.
I'm wondering how to set up access policies for this. Here's where I'm heading...
I'd create these tables...
Then the question is how to model the row level security for this?
I want to only allow insertion of the
Anyone have any examples of these "nested access policies with joins"?
Otherwise I know i could just write supabase functions to do this but it seems like something I could model with access policies...
I want to create dynamic roles that can be added to users that allow the users to do certain actions in certain channels. For example, a role called "Advanced" would allow users to add reactions to messages in Channel A and Channel B, or create threads in Channel B, depending on configuration set by chat admins.
I'm wondering how to set up access policies for this. Here's where I'm heading...
I'd create these tables...
roletable with
andidnamerole_user_assignmenttable withrole_id,
to give a user a roleuser_idrole_channel_permissiontable withpermissionenum"react" "reply_in_thread"and pointer tochannel_id,role_idto give users of a certain role a permission in a certain channel.
Then the question is how to model the row level security for this?
I want to only allow insertion of the
message_reaction on a message for users who have a role that has a role_channel_permission in the given channel to "react".Anyone have any examples of these "nested access policies with joins"?
Otherwise I know i could just write supabase functions to do this but it seems like something I could model with access policies...
