Matt Carroll

How do you isolate customer specific data?


I've been working on an app where I store financial data for my users. I've gone through a few iterations but have landed on RLS for partitioning the users' data.

I considered using a schema per user, a database per user (probably would have used @SQLite), or a layer in the ORM that does some form of "roll your own RLS" -- maybe appending a filter anytime the table has a user_id column.

It seems like @Supabase has popularized RLS and I'm wondering if that's what most people are doing these days?



Replies

Matt Carroll

@rstankov do you use RLS at Angry Building?

Niclas Pandey

RLS is the worst thing that you can use. I hate it. It's complicated, takes so much time to implement, and one role error can lead to so much stress. You are better off choosing a normal Postgres database and then encrypting and decrypting the information for the specific user with an encryption key. That's how I would do it if the data is very sensitive. But pls don't use RLS; instead use RBAC in your auth layer. If you are looking for SQLite, this also works fine; I haven't dipped deeper into it yet.
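
An added example, not part of the thread or any poster's code: a PostgreSQL RLS setup for the per-user partitioning described in the original post, together with the role attributes (the "role error" concern in the reply above) that decide whether the policy is enforced at all. The `transactions` table, the `app_user` role and the `app.current_user_id` setting are assumptions made for illustration.

```sql
-- Hypothetical schema: one row per transaction, tagged with its owner.
CREATE TABLE transactions (
    id           bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    user_id      uuid   NOT NULL,
    amount_cents bigint NOT NULL,
    description  text
);

-- The application connects as a role that does not own the table
-- and can neither bypass RLS nor act as superuser.
CREATE ROLE app_user LOGIN NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON transactions TO app_user;

-- Without ENABLE no policy is evaluated; FORCE applies policies to the table owner too.
ALTER TABLE transactions ENABLE ROW LEVEL SECURITY;
ALTER TABLE transactions FORCE ROW LEVEL SECURITY;

-- app.current_user_id is an assumed custom setting the app sets per transaction.
-- current_setting(..., true) yields NULL when unset and NULLIF covers an empty value,
-- so a missing user id matches no rows instead of raising or matching everything.
CREATE POLICY transactions_owner ON transactions
    FOR ALL
    TO app_user
    USING      (user_id = NULLIF(current_setting('app.current_user_id', true), '')::uuid)
    WITH CHECK (user_id = NULLIF(current_setting('app.current_user_id', true), '')::uuid);

-- Per request, running as the application role (constructed sample id).
SET ROLE app_user;
BEGIN;
-- Third argument true = local to this transaction, so a pooled connection
-- does not carry one user's id into the next request.
SELECT set_config('app.current_user_id', '11111111-1111-1111-1111-111111111111', true);
INSERT INTO transactions (user_id, amount_cents, description)
VALUES ('11111111-1111-1111-1111-111111111111', 1250, 'coffee');  -- passes WITH CHECK
SELECT id, amount_cents FROM transactions;                         -- only this user's rows
COMMIT;
SELECT count(*) FROM transactions;  -- setting no longer applies: 0 rows visible
RESET ROLE;

-- Verify that the policy is actually in force for this table and role.
SELECT relrowsecurity, relforcerowsecurity FROM pg_class WHERE relname = 'transactions';
SELECT rolname, rolsuper, rolbypassrls FROM pg_roles WHERE rolname = 'app_user';
```

Both catalog queries are worth running in CI or at deploy time: a table with `relrowsecurity = false`, or an application role with `rolsuper` or `rolbypassrls` set, returns every user's rows without raising any error.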

steve beyatte

If you use @Plaid to link accounts, do you actually store sensitive financial data or is it just a list of transactions? If it's just transactions, is there a need to implement RLS or something beyond encryption-at-rest and encryption-in-transit?