Well done!
You have completed Getting Started with WeWeb!
Using user roles, you can gate content and set different app permissions for different users. For example, an admin can access and edit all data, while a standard user can only view content tied to their account.
To make this work, you’ll need to:
• create a roles table in Supabase with the list of available roles
• create a join table in Supabase that maps each user to a role
• tell the Supabase Auth plugin in WeWeb where it can find the information
✍️ AI Prompts used in the video:
In Supabase, when a user is created in the auth.users table, I need to create a record for them in the users_roles table linking them to the user role.
In Supabase, on the ‘marketing_tasks’ table, I want users with the role ‘admin’ to have full rights to the data.
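What those two prompts need to produce, written by hand as an added example (this is not the query WeWeb AI generates in the video). The column names, the `public` schema, and the function, trigger and policy names are assumptions; it also restricts the users_roles table itself, so that a signed-in user cannot change their own role through the API.

```sql
-- Assumed (not on the page): columns roles(id, name) and
-- users_roles(user_id, role_id), schema public, and all object names below.

-- 1. Trigger: link every new auth user to the default 'user' role.
create or replace function public.assign_default_role()
returns trigger
language plpgsql
security definer       -- runs as the owner so it can write users_roles
set search_path = ''   -- pinned; every object below is schema-qualified
as $$
begin
  insert into public.users_roles (user_id, role_id)
  select new.id, r.id from public.roles r where r.name = 'user';
  return new;
end;
$$;

create trigger on_auth_user_created
  after insert on auth.users
  for each row execute function public.assign_default_role();

-- 2. Role lookup for policies. Security definer so the check still works
--    once users_roles itself is protected by RLS (step 4).
create or replace function public.is_admin()
returns boolean
language sql stable security definer
set search_path = ''
as $$
  select exists (
    select 1
    from public.users_roles ur
    join public.roles r on r.id = ur.role_id
    where ur.user_id = (select auth.uid()) and r.name = 'admin'
  );
$$;

-- 3. Admins get full rights on marketing_tasks.
alter table public.marketing_tasks enable row level security;
create policy "admins have full access" on public.marketing_tasks
  for all to authenticated
  using (public.is_admin())
  with check (public.is_admin());

-- 4. Protect the role mapping: users may read their own rows only. With no
--    insert/update/delete policy, API clients cannot change anyone's role.
alter table public.users_roles enable row level security;
create policy "read own role rows" on public.users_roles
  for select to authenticated
  using (user_id = (select auth.uid()));
```

Policies are permissive by default, so the admin policy is combined with OR with any per-user policies already on marketing_tasks: standard users keep seeing only their own rows.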
Resources
✨ WeWeb → https://go.weweb.io/dWvREtb
📘 Supabase Auth → https://docs.weweb.io/plugins/auth-systems/supabase-auth.html#user-roles-permissions
0:00 So, now that we have our security policies in place to limit
0:04 what data users can access, what if we want our platform to have admins,
0:09 and as a result, we want these admins to be able to access all of the data?
0:13 Well, that's where roles come in.
0:17 Now, when we connected the Supabase Authentication plugin,
0:20 we had WeWeb automatically generate the user roles table and the roles table.
0:25 Now these two tables essentially dictate what roles exist in our app
0:28 and then what roles are assigned to which users.
0:31 So for example, in the roles table,
0:34 by default, we have the admin role and the user role.
0:37 And then in the user's roles table, we'll link a certain role to a certain user.
0:43 And so in order to do this, we're going to need to use something called a trigger.
0:47 Now a trigger basically runs when something happens.
0:50 And so in our case, whenever a user is created,
0:53 we're going to want to create a record in the user's
0:56 roles table that links them to the appropriate role.
0:59 And the role we want to link them to, by default, will be the user role.
1:04 Now, the security level policies, the easiest way to do
1:07 this is to actually just prompt WeWeb AI to create it for us.
1:11 So I'll prompt WeWeb AI to do so.
1:26 So that query will be created.
1:28 So I can deploy it.
1:30 And now I can go through the workflow to test this.
1:33 So I'll go to my signup page.
1:37 I'll put it into preview and sign up.
1:43 And so if I now check Supabase
1:45 and go into the authentication tab, I can see I've been created as a user.
1:49 And if I go to my database and I go into the user roles table,
1:54 I can see a record has been created for my user ID
1:56 and I've been assigned the user role because this role ID
2:01 links to the user record.
2:04 And so if I wanted to assign myself as an admin, the easiest way to do this
2:08 in truth is to manually do this inside of Supabase.
2:11 And so if I go into the user's roles table,
2:14 I can simply just change my role ID to be the admin record.
2:18 And so I've now assigned myself as an admin.
2:20 And so the next step to create the admin privileges is to set up row level security
2:25 on the marketing tasks table so that admins have
2:29 the necessary privileges to access and edit all of the data.
2:45 So that query has been generated and I can deploy it.
2:48 And so now, since I've assigned my account to be an admin, when I refresh the page
2:53 in WeWeb, I should retrieve and see all of the marketing task records.
2:58 And so when I refresh the page,
3:01 I can see I have access to all of the records in the marketing tasks table.
3:06 However, if I switch back to Supabase and I go into the user's roles table
3:11 and I once again change my role to be that of a user,
3:15 when I go into WeWeb and I refresh the page, I should now see
3:18 no records because there's no records that belong to my user account.
3:23 So when I refresh, I can see it's an empty list and I'm not allowed
3:27 to access any of the data that doesn't belong to my user account.