PostgREST - Add authenticated user id on insert - postgresql

I need to automatically add an author of an inserted row in one of its columns. I am using postgREST (using Supabase cloud service) and I don't want users to add whoever they want as the author. Is there a way to automatically add user id of the user posting the data? Thanks!

The column's DEFAULT value should be:
uid() for Supabase.
current_user for Postgres.

You can add it via Table Editor or use auth.uid() in your SQL functions.

Related

How to use security policy packages on Databricks

I am trying to create data security policies on user tables on Databricks. However i have implemented this task on SQL server with below SQL Queries
CREATE FUNCTION [test].[mailfunction](#useremail AS nvarchar(100))
RETURNS TABLE WITH SCHEMABINDING AS
RETURN SELECT 1 AS mailfunction_result WHERE #useremail = SUSER_SNAME()
GO
create SECURITY POLICY [mailfunctionSecurityPolicy]
ADD FILTER PREDICATE [test].[mailfunction]([useremail]) ON
test.users WITH (STATE = OFF);
And i am trying this to implement on Databrick and created the function but i am not able to create SECURITY POLICY on Databricks.
I need to create the function or work around for Create function in databricks and need to archive role base access control on my table as we achieved in SQL side.
Also please suggest some reference code for implement Role based access and Row and Column level security and data masking implementation databricks.
Right now there is no exact the same functionality but it's coming in the near future - you can watch latest Databricks quarterly roadmap webinar to get more details about upcoming functionality for RBAC & ABAC.
But right now you can dynamic views over the tables to implement row-level access control and data masking. For this you can use current_user and is_member functions to perform checks. Like this (example from docs):
CREATE VIEW sales_redacted AS
SELECT user_id,
CASE WHEN
is_member('auditors') THEN email
ELSE 'REDACTED'
END AS email,
country, product, total
FROM sales_raw
And you can use user/group names from the data itself, it's not necessary to use hard-coded group names in the is_member call. You can see example in the following answer.

adding new column to postgresql and access

I'm using access as a frontend to a postgresql db, I've inherited it.
I've added a new column to a table in postgresql, but I can't access it in access. Do I need to add the same column in access and define the link or would it do this automatically. Any help is welcomed.
I'm using linked tables, to get the new column to show up I needed to refresh the linked connection.

Changing a DB View dynamically according the current user-group

we are currently digging into Amazon Redshift and testing different functionalities.
One of our basic requirements is that we will define different user groups which in turn will be granted access to different views.
One way to go about this would be to implement one view seperately for each user-group. However, since we have a lot of user-groups that share almost the exact same need for information, I'm looking for a way to implement this more dynamically in Redshift.
For instance, let's say I have a user group called users_london and another one called users_berlin. Both will have access to a view called v_employee_master_data which contains the columns employee_name, employee_job_title and employee_city.
Both groups share the same scope of information with one exception - the column employee_city.
In essence, the view should be pre-filtered for a certain value in the column employee_city according to the currently logged-in user-group.
In SQL - something like this:
For the usergroup users_london:
SELECT * FROM v_employee_master_data WHERE employee_city = 'London';
For the usergroup users_berlin:
SELECT * FROM v_employee_master_data WHERE employee_city = 'Berlin';
Now to make the connection back to Amazon Redshift. Does the underlying DB runtime provide an out-of-the-box functionality to somehow catch the currently logged user-group as a form of global variable and alter the SQL-statement according to the value of that variable?
It is possible to do:
get current user
select current_user
find what group it belongs to
select groname from pg_group where current_user_id = any(grolist);
Extract city and capitalize it:
select initcap(substring(groname from 'users_(.*)')) from pg_group where current_user_id = any(grolist);
Now you have your city based on the "user". So just inject it in the view
... WHERE employee_city = initcap(substring(groname from 'users_(.*)') ...

laravel 5.2 user login redirect with condition

I am making Dating website using laravel 5.2
I have Tables in database
--user
--profile
--education
--Occupation
--Marital Status
--Parents Details
Each of the table has user_id as forigen key of User table.
All models have been created and hasMany and belongsTo relation has been added respectively.
My question is when user login, I would like user to land to specific create controller if table is unfilled or form is not filled. For EX- profile.create, education.create , occupation.create.
Or is there any efficient way I can handle this situation.
Thanks in advance, I hope you got it. Let me know if you still need any more info.
The most simple idea below:
Create a column full_profile (tinyint, length 1) in your table which indicates the profile is full. Default it's 0.
After a validations are true, set the value of the full_profile to 1.
Ok, now it's simple:
User logs in
Check the value of full_profile. If 0, redirect to form, if 1, redirect to dashboard?

How to apply new changes without dropping current data in the db.(Playframework evaluations)

I'm using play 2.2.1 with scala. And I have a managing database evaluations. When I run my application with changes on the database, it'll drop all my datas.
At this moment evaluationplugin = disabled is comment in. If I comment out, it does not apply my changes.
For example. I have a users table and there are id, f_name, l_name
User
id f_name l_name
1. khazo rasp
And I want to add age field to this table without losing data. I've added this field in scala files.It works properly. I'm assuming I need to write script in 1.sql for some alter command, but I don't want to write script.
How to apply new changes without dropping current data in the db. I've read this documentation. Thanks in advance.
I've added this field in scala files
In slick (you have the tag play-slick), you can specify a default value in your Table
See the documentation here, under Tables:
Default[T](defaultValue: T)
Specify a default value for inserting data the table without this column. This information is only used for creating DDL statements so that the database can fill in the missing information.
I am not sure if it gets translated to ALTER statement if the table already exists . You will have to test it.