Row Level Security

RLS

أمان على مستوى الصف (RLS)

Intermediatedatabase1 min read
rlspostgresql rlssupabase rlsrow security policydatabase security

Definition

A PostgreSQL feature that restricts which rows a user can SELECT, INSERT, UPDATE, or DELETE based on policies.

ميزة PostgreSQL تُقيّد الصفوف التي يمكن للمستخدم SELECT أو INSERT أو UPDATE أو DELETE بناءً على السياسات.

Why It Matters

RLS in Supabase is the equivalent of Firestore Security Rules in Firebase — both ensure users can only access data they're authorized to see, enforced at the database level.

RLS في Supabase يعادل Firestore Security Rules في Firebase — كلاهما يضمن وصول المستخدمين فقط إلى البيانات المُصرَّح لهم برؤيتها، مُطبَّق على مستوى قاعدة البيانات.

Full Definition

Row Level Security is a PostgreSQL security mechanism that enforces data access at the database level. Policies are SQL expressions that run for every query. Example: `auth.uid() = user_id` ensures users can only see their own data. Supabase enables RLS on all tables by default (though policies must be written). Firebase Firestore Security Rules serve the same purpose in the Firebase ecosystem.
Row Level Security آلية أمان PostgreSQL تُطبّق الوصول إلى البيانات على مستوى قاعدة البيانات. السياسات تعبيرات SQL تعمل لكل استعلام. مثال: `auth.uid() = user_id` يضمن رؤية المستخدمين لبياناتهم فقط. Firestore Security Rules تخدم نفس الغرض في نظام Firebase البيئي.

Example Usage

-- Only users can read their own bookmarks: CREATE POLICY 'own bookmarks' ON bookmarks FOR SELECT USING (auth.uid() = user_id);

-- يمكن للمستخدمين قراءة إشاراتهم المرجعية فقط: CREATE POLICY 'own bookmarks' ON bookmarks FOR SELECT USING (auth.uid() = user_id);

Knowledge Graph

Avoid these mistakes when using Row Level Security:

1

Forgetting to write policies after enabling RLS — RLS blocks ALL access by default, even for the table owner

2

Writing overly permissive policies that negate the security benefit

Sign in to unlock guided AI explanations from AI Teacher.

Generate a Prompt

Copy this prompt and use it directly with any AI model — no setup needed.

Ready-to-Use Prompt
Help me build a project using Row Level Security.

Explain:
1. What is Row Level Security and why it matters
2. The core architecture and required tools
3. Step-by-step implementation plan
4. Common mistakes to avoid: Forgetting to write policies after enabling RLS — RLS blocks ALL access by default, even for the table owner, Writing overly permissive policies that negate the security benefit
5. Best practices and production tips

Official Resources