Supabase as a full backend
Context:
we are using supabase as a back end but what i don't like is defining rls and having to juggle permissions especially when weird role-based access is needed for the application
proposal 1:
using rls as is
issue:
i genuinely cant debug overlapping permissions and im just hit with "permission denied" or something of the sort ( i dont remeber the exact message )
proposal 2:
controller -> function
a controller would control how a user is able to interact with the database essensially implementing all functions the client would need essentially like a normal api
issues:
this sucks, writing psql functions in the editor (i am aware that a cli exists but i have not tried it yet because i have a sensation it wont be of help), i have to define the controller alone, add a system so that functions can only be called if a session id has been generated for that call (through the controller) and then placed in a table that the "private" function can call, i understand that this can be made to work but i dont think this is what supabase was built for stuff like this
i have no third proposal, i genuinely only appreciate the database and auth service that supabase provides but find that implementing any kind of api with any decent amount of complexity is borderline impossible, i can feel like this is an issue in my world view.
i appreciate your insight, if you have any resources you would like me to look into to understand backend architecture types better id appreciate it, if you want to understand what im trying to accomplish im open for questions.
i am hindered by this platform and i want to understand if this is something wrong with the way im doing things, if you have alternative solutions id appreciate it, looking into railway.app because it looks nice, i just realized i was running out of message length, if any extra information is needed please let me know, i appreciate your reading through my rant
i didn't know which tag to pick so i picked both
we are using supabase as a back end but what i don't like is defining rls and having to juggle permissions especially when weird role-based access is needed for the application
proposal 1:
using rls as is
issue:
i genuinely cant debug overlapping permissions and im just hit with "permission denied" or something of the sort ( i dont remeber the exact message )
proposal 2:
controller -> function
a controller would control how a user is able to interact with the database essensially implementing all functions the client would need essentially like a normal api
issues:
this sucks, writing psql functions in the editor (i am aware that a cli exists but i have not tried it yet because i have a sensation it wont be of help), i have to define the controller alone, add a system so that functions can only be called if a session id has been generated for that call (through the controller) and then placed in a table that the "private" function can call, i understand that this can be made to work but i dont think this is what supabase was built for stuff like this
i have no third proposal, i genuinely only appreciate the database and auth service that supabase provides but find that implementing any kind of api with any decent amount of complexity is borderline impossible, i can feel like this is an issue in my world view.
i appreciate your insight, if you have any resources you would like me to look into to understand backend architecture types better id appreciate it, if you want to understand what im trying to accomplish im open for questions.
i am hindered by this platform and i want to understand if this is something wrong with the way im doing things, if you have alternative solutions id appreciate it, looking into railway.app because it looks nice, i just realized i was running out of message length, if any extra information is needed please let me know, i appreciate your reading through my rant
i didn't know which tag to pick so i picked both
Was this page helpful?
