π Dead easy column and row-level security
# Use your favorite package manager!
pnpm add -E crls// ESM / TypeScript
import crls from 'crls'
// or CommonJS
// const crls = require('crls')import crls from 'crls'
type Post = {
id: number
title: string
author: string
}
type Context = {
username: string
}
const data: Array<Post> = [
{ id: 1, title: 'A blog post!', author: 'luke' },
{ id: 2, title: 'Another blog post!', author: 'luke' },
{ id: 3, title: 'My blog post!!!', author: 'notluke' },
]
const withCRLS = crls<Post, Context>(data, (row, context) => {
// Users cannot see posts that they haven't authored
if (row.author !== context.username) return false
// If the user is "luke", they cannot see post IDs
else if (context.username === 'luke') return new Set(['title', 'author'])
// If the user is the author, and they aren't "luke"
else return true
})
const lukePosts = withRLS({ username: 'luke' })
// => [{ title: "A blog post!", author: "luke" }, { title: "Another blog post!", author: "luke" }]
const notLukePosts = withRLS({ username: 'notluke' })
// => [{ id: 3, title: "My blog post!!!", author: "notluke" }]
const bobPosts = withRLS({ username: 'bob' })
// => []View full documentation at crls.js.org!
CRLS is licensed under the MIT License.