Report authorization and row level security #3026
-
DescriptionHi, I was wondering if evidence.dev offers a way to limit data based on user context (Row level security)? If we would like to limit access to certain report pages, do we have to use a proxy or other tooling? Kind regards What problem would this solve?No response How should it work?No response |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 2 replies
-
|
Currently the best model to do RLS style access controls is by managing different deployments for different users. You can combine multiple deployments with build time variables to filter the data per user, and that way create totally sandboxed data for each user. Evidence Cloud has features to make the managements of these deployments straightforwards. |
Beta Was this translation helpful? Give feedback.
-
|
So if we would have 5 sales manager representing each a district and they should not be allowed to see each other figures, you would deploy 5 times and manage access through different sub-domains etc.? |
Beta Was this translation helpful? Give feedback.
-
|
either sub domains or sub routes with separate storage behind them |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for the swift reply! |
Beta Was this translation helpful? Give feedback.
Currently the best model to do RLS style access controls is by managing different deployments for different users.
Since each deployment is simply a static site, this is a relatively lightweight solution.
You can combine multiple deployments with build time variables to filter the data per user, and that way create totally sandboxed data for each user.
Evidence Cloud has features to make the managements of these deployments straightforwards.