Prisma Row Level Security - running transaction may not work as intended.
Prisma Postgres
ORMHi all,
in my team we're now looking into way to implement robust multi-tenant data separation. We've been using postgresql with prisma for a couple years now and would like to keep this stack since most developers are familiar with it. Naturally, we started looking into postgres RLS and the prisma extension (https://github.com/prisma/prisma-client-extensions/tree/main/row-level-security) which, unfortunately, is not a production-ready solution. Especially the warning "... explicitly running transactions with companyPrisma.$transaction() may not work as intended." is bothering me. I've read all the issues and threads and all the discussions, but I still don't quite understand what exactly this warning means. Under which conditions and how will this extension not behave as expected? We do have a bunch of interactive transactions and will probable get more of them.
Can anybody give me a hint on what to look for?
Thanks in advance! You're doing great work!
Alfred
in my team we're now looking into way to implement robust multi-tenant data separation. We've been using postgresql with prisma for a couple years now and would like to keep this stack since most developers are familiar with it. Naturally, we started looking into postgres RLS and the prisma extension (https://github.com/prisma/prisma-client-extensions/tree/main/row-level-security) which, unfortunately, is not a production-ready solution. Especially the warning "... explicitly running transactions with companyPrisma.$transaction() may not work as intended." is bothering me. I've read all the issues and threads and all the discussions, but I still don't quite understand what exactly this warning means. Under which conditions and how will this extension not behave as expected? We do have a bunch of interactive transactions and will probable get more of them.
Can anybody give me a hint on what to look for?
Thanks in advance! You're doing great work!
Alfred
