Neon Auth - Gap in Permissions
Hello,
Firstly, I'd like to say thank you for the excellent tech! I'm loving Neon as a database platform.
Alright, now let me describe what's goin on: I am working on integrating my Next.js application with Neon Auth, and I'm attempting to set up RBAC and permissions for my application's users. I have found what feels like a gap in usability for me integrating Neon Auth into my application (which makes sense given the beta nature of this feature).
If I create a new Stack Auth account and project, I have the ability to add/update/delete Project permissions, but if I integrate Neon with Stack Auth, I do not get a settings panel which enables this action. Seems like users are sync'd properly, but I believe project permissions are a necessity to make the integration valuable to me as a user.
In my application, I added a test page which attempts to call out to register new permissions for my user only to find that the app itself does not have the permission defined. I tried to grant my own project-level permissions only to find that they must be enabled downstream (as shown in my screenshot from my browser dev console).
Per Stack Auth's documentation at https://docs.stack-auth.com/docs/react/concepts/permissions#creating-a-project-permission:
Creating a Project Permission To create a new project permission, navigate to the Project Permissions section of the Stack dashboard. Similar to team permissions, you can select other permissions that the new permission will contain, creating a hierarchical structure.Per Neon Auth documentation at https://neon.com/docs/neon-auth/concepts/permissions:
Currently, Neon Auth does not support creating or modifying permissions through the Neon Console. All permissions are pre-configured and cannot be changed.This feels like a moderate gap in behavior; while I understand Neon Auth does not have a panel to enable editing this behavior, I would prefer not to have to implement my own permissions table and define everything myself, preferring the
usePermission, grantPermission, revokePermission, etc hooks.
My question: Do we have any timeframe or location that I could contribute to integrations for this functionality? Permissions seem like a table clone as well. Before I dig into my own implementation, I'd prefer to integrate into Neon Auth's solution. Otherwise, I'll have to implement everything myself through Stack Auth and their webhooks to clone to my neon db.
2 Replies
sensitive-blue•6d ago
Hey! Love to hear that you're enjoying Neon!
Neon Auth is still new a we're working on making everything configurable from the Neon console right now. In the meantime, the best way to accomplish what you're after is to claim the project with your StackAuth account so that you can configure everything from their dashboard.
like-goldOP•6d ago
That makes sense. Thank you for the info and confirmation. I was able to perform a workaround by creating the Stack Auth account first, linking the account with Neon, and now I have the ability to modify my project permissions in Stack Auth and have a clone of the user table in my Neon db to have referential data integrity.
Thanks - this will do! 🙂