I didn't know we could also impersonate users from Supabase, that's a huge help. Also pls a video about creating customs roles, and how they relate to auth.users if there is any relation, because I don't know if we should be modifying that.
This is great. Thanks for the hard work! I also find defining functions a bit jarring as a new user. For instance to inserting multiple records relational queries is a common use case that's not that easy to do out of the box. An AI tool for functions and some advanced examples with `plpgsql` or how to properly use sql in functions would be greatly appreciated. Or an alternative would be to provide the supabase sdk to allow for nested inserts (for relational queries) would be a huge unlock (like it's possible with Prisma if you google: Prisma Relational Queries: Nested Writes)
Great feedback! 🙌 Supabase AI is also available in the SQL Editor so it can help you write your Postgres functions. I am also putting together a bunch of Postgres theory content for next year so will make sure all of this is covered!
Apparently: Supabase introduced a feature that used AI to generate Row Level Security (RLS) policies at the beginning of 2024. However, this feature is no longer available. The removal may be related to several challenges and limitations associated with RLS policies and their implementation. RLS policies in Supabase can become complex and challenging to manage, especially when dealing with performance issues and maintaining consistency across different parts of the application. There have been reports of difficulties in testing and debugging these policies, as well as issues with maintaining a good developer experience  . Additionally, there are specific technical hurdles related to RLS, such as the need for duplicating policy filters in application code and ensuring that policies are correctly applied without impacting performance . Given these complexities, it’s possible that Supabase decided to remove the AI-generated RLS policy feature to focus on more stable and manageable solutions. For current best practices on implementing RLS in Supabase, you can refer to their official documentation.
I've been struggling so hard just to implement a simple insert, select, update, and delete. It's crazy there's no default RLS with just applied "authenticated" using "true", and it working out of the box. I've never seen such "secure"/tied down system to a sql database before.
The impersonation feature only works with supabase auth and not next-auth, correct ? Also, the ai assistant is so cool but does it have hallucinations like Chatgpt ?
I haven't played with next-auth for a while, but if it doesn't enforce regular RLS policies, then the impersonation feature won't match what a user in next-auth would get back. Also, I don't think next-auth uses the auth.users table so your next-auth users will probably not show up under the impersonation tab - again, haven't tested this so it might work perfectly! 🙂 We recommend checking the AI suggestion is what you want to do before running the SQL, as it may get a little "creative" 👍
I use DrizzleORM and connect to my DB with a connection string. I have enabled RLS and haven't created a policy but I'm still able to query the data on my website. Why is this?
Hi there! Thanks for the vid. I am having trouble using Supabase with Buildship. Even when I enable RLS, use a policy I get null. I disable RLS, I still get null. These happen both for using anon key and the service role secret key.. Do you have any idea why this is happening and how to fix it?
My question IS : How to insert a Record that has is_published set to false? Never understood why The selected policy always run after an update. It reduces so much the Power of this approach
Why is your UI for creating a new policy so different from mine? When I click New Policy it brings up the modal with templates or from scratch options.
am new to supabase and postgres , while i loved it at first i hated rls for more complicated schemas like for exp user owns a store and a store has its own categories how do i write a policy for only store owners can add categories when they don't have direct relationship
Through RLS I have acheive user_permission design. With this I can control which user can select, insert and update or delete from a table's boolean value ,,user wise row.
![ILLSLICK - KILLSHOT REMIX [FULL VERSION]](http://i.ytimg.com/vi/RIK8RrqIAzE/mqdefault.jpg)
This is just the first announcement of Supabase Launch Week X.
Read the blog post here: supabase.com/blog/studio-introducing-assistant?
And more Launch week announcements here: supabase.com/launch-week?
@@Supabase spicy
I didn't know we could also impersonate users from Supabase, that's a huge help. Also pls a video about creating customs roles, and how they relate to auth.users if there is any relation, because I don't know if we should be modifying that.
my UI does not match the UI in this video. Not sure if this version of Supabase is outdated?
This is great! I really like the impersonation feature. It’s always a pain to test different levels of access.
Yeah, I agree! This is going to save me so much time! 🎉
@@JonMeyers the kinda thing you don't realize how much it was missing until it's there!
I was just playing around with user impersonation, and wow it's easy to use and powerful.
Yeah I honestly love this feature!
OMGGGGG I literally suggested this on Twitter/X, I had no clue you were actually implementing it.
Those impersonate tool and ai assitant are damn good ! Makes me want to deep dive on RLS !
Yeah, it’s going to save me so much time! 🚀
This is awesome, the Supabase Dashboard is becoming so incredibly powerful 🙌
Terrific stuff, very well presented. Thanks!
Jon is here!
Let’s get into it!
This is great. Thanks for the hard work! I also find defining functions a bit jarring as a new user. For instance to inserting multiple records relational queries is a common use case that's not that easy to do out of the box. An AI tool for functions and some advanced examples with `plpgsql` or how to properly use sql in functions would be greatly appreciated. Or an alternative would be to provide the supabase sdk to allow for nested inserts (for relational queries) would be a huge unlock (like it's possible with Prisma if you google: Prisma Relational Queries: Nested Writes)
Great feedback! 🙌 Supabase AI is also available in the SQL Editor so it can help you write your Postgres functions. I am also putting together a bunch of Postgres theory content for next year so will make sure all of this is covered!
Awesome but when will it be available for local Dev, which is where we really need this?
Awesome video!
Thanks! 🙌 Glad you enjoyed it! What do you want to see next?
@@JonMeyers RLS also set a limit of registers?
awesome feature 🤙
It’s one of my favourites so far! 🚀
User Impersonation: brilliant
Love This!
Glad you enjoyed it! 🙌 Much more coming over the next few days!
Apparently: Supabase introduced a feature that used AI to generate Row Level Security (RLS) policies at the beginning of 2024. However, this feature is no longer available. The removal may be related to several challenges and limitations associated with RLS policies and their implementation.
RLS policies in Supabase can become complex and challenging to manage, especially when dealing with performance issues and maintaining consistency across different parts of the application. There have been reports of difficulties in testing and debugging these policies, as well as issues with maintaining a good developer experience  .
Additionally, there are specific technical hurdles related to RLS, such as the need for duplicating policy filters in application code and ensuring that policies are correctly applied without impacting performance .
Given these complexities, it’s possible that Supabase decided to remove the AI-generated RLS policy feature to focus on more stable and manageable solutions. For current best practices on implementing RLS in Supabase, you can refer to their official documentation.
I've been struggling so hard just to implement a simple insert, select, update, and delete. It's crazy there's no default RLS with just applied "authenticated" using "true", and it working out of the box. I've never seen such "secure"/tied down system to a sql database before.
The impersonation feature only works with supabase auth and not next-auth, correct ? Also, the ai assistant is so cool but does it have hallucinations like Chatgpt ?
I haven't played with next-auth for a while, but if it doesn't enforce regular RLS policies, then the impersonation feature won't match what a user in next-auth would get back. Also, I don't think next-auth uses the auth.users table so your next-auth users will probably not show up under the impersonation tab - again, haven't tested this so it might work perfectly! 🙂
We recommend checking the AI suggestion is what you want to do before running the SQL, as it may get a little "creative" 👍
I use DrizzleORM and connect to my DB with a connection string. I have enabled RLS and haven't created a policy but I'm still able to query the data on my website. Why is this?
Hi there! Thanks for the vid. I am having trouble using Supabase with Buildship. Even when I enable RLS, use a policy I get null. I disable RLS, I still get null. These happen both for using anon key and the service role secret key.. Do you have any idea why this is happening and how to fix it?
My question IS : How to insert a Record that has is_published set to false? Never understood why The selected policy always run after an update. It reduces so much the Power of this approach
Why is your UI for creating a new policy so different from mine? When I click New Policy it brings up the modal with templates or from scratch options.
Same for me. This video seems to be outdated
am new to supabase and postgres , while i loved it at first i hated rls for more complicated schemas
like for exp user owns a store and a store has its own categories
how do i write a policy for only store owners can add categories when they don't have direct relationship
How to make page views with NextJs and Supabase?
I don't have this feature.
is there really a need to enable RLS if I access db only via backend?
What if someone attempts to access your database API directly if they get ahold of the URL?
If you don’t expose your anon key it’s fine. But better be safe than sorry!
I cant see the AI chat on policies
Enabling RLS strict live changes
🤖🚀🚀
🚀
Could you please stop shaking your body. It's distracting from what you're saying!
Through RLS I have acheive user_permission design. With this I can control which user can select, insert and update or delete from a table's boolean value ,,user wise row.
🔥 🆇
4 more to go! Plus all those other one more things! 😆
There's always one more thing(s)
Great video!