Constraints and Row Level Security

When you apply Row Level Security to a table, which has constraints, like a primary key or a unique constraint, then these constraints are evealuated regardless of the RLS policy. Of course this makes sense, especially in the case of a primary key, but it can be a problem with a unique constraint.

If you implement RLS by adding an extra column to the table, by which you can check the RLS policy, it might be a good idea to alter the constraint(s) to include this column in the constraint. That way, the original database structure stays mostly the same, but different users can insert similar data which would not have been allowed with the normal constraints.

As for the primary key, in my opinion you should always use a sequence generated field for the primary key. This field should remain technical data only. Never use this field as a reference to the user. Best is to hide it completely in the front-end you are building.

One thought on “Constraints and Row Level Security

Leave a Reply to Baderit Cancel reply

Your email address will not be published. Required fields are marked *