Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RLS AI improvements #26895

Merged
merged 22 commits into from
Jun 5, 2024
Merged

RLS AI improvements #26895

merged 22 commits into from
Jun 5, 2024

Conversation

gregnr
Copy link
Member

@gregnr gregnr commented May 30, 2024

Improves the RLS AI assistant by:

  • Providing best practices and Supabase-specific information in the prompt (lots of this comes from our RLS docs)
  • Writing tests for every scenario we want the assistant to handle:
    • defaults to authenticated role
    • uses anon + authenticated roles when table viewable by anyone
    • wraps every function in select (better performance, planner will cache function result)
    • select policy has USING but not WITH CHECK
    • insert policy has WITH CHECK but not USING
    • update policy has USING and WITH CHECK
    • delete policy has USING but not WITH CHECK
    • splits multiple operations into separate policies (discourages all)
    • discourages restrictive policies
    • user_id is on joined table and joins are minimized
    • mfa (operation can only be performed if user has shown a second form of auth)
  • Upgrade model to gpt-4o

Copy link

vercel bot commented May 30, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
studio-staging ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jun 3, 2024 4:57pm
6 Ignored Deployments
Name Status Preview Comments Updated (UTC)
database-new ⬜️ Ignored (Inspect) Jun 3, 2024 4:57pm
design-system ⬜️ Ignored (Inspect) Visit Preview Jun 3, 2024 4:57pm
docs ⬜️ Ignored (Inspect) Visit Preview Jun 3, 2024 4:57pm
studio ⬜️ Ignored (Inspect) Visit Preview Jun 3, 2024 4:57pm
studio-self-hosted ⬜️ Ignored (Inspect) Visit Preview Jun 3, 2024 4:57pm
zone-www-dot-com ⬜️ Ignored (Inspect) Visit Preview Jun 3, 2024 4:57pm

Copy link

supabase bot commented May 30, 2024

No changes detected in supabase directory.
This pull request has been ignored for the connected project xguihxuzqibwxjnimxev due to its connection settings.
Go to Project Integrations Settings ↗︎ in order to change this behavior.


Branching Preview Branches by Supabase.
Learn more about Supabase for Git ↗︎.

@gregnr gregnr marked this pull request as ready for review May 31, 2024 20:54
@gregnr gregnr requested a review from a team as a code owner May 31, 2024 20:54
@ivasilov ivasilov merged commit 801ad65 into master Jun 5, 2024
16 checks passed
@ivasilov ivasilov deleted the feat/rls-ai-improvements branch June 5, 2024 12:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants