Posted on Jul 17 There has been massive innovation in the database and backend space for developers building applications. As a consequence, the emerging trend is the rise of new database cloud service providers like below:Among all of these, my favorite one is Supabase. The reason is that Supabase is more than just a managed database provider—it's a game-changer that offers a comprehensive Backend as a Service (BaaS) solution. With the all-in-one package of PostgreSQL database, authentication, real-time subscriptions, RESTful API generation, and file storage, you don’t even need an additional backend service for your web application. It is usually not possible to achieve this even with API generation because of a simple truth:You never expose database directly to the frontendThanks to the powerful Row-Level Security (RLS) of Postgres, it is possible to enable secure and controlled access to the database via API generation. In a nutshell, RLS allows you to define policies that restrict access to rows based on user attributes. Here is one simple example (with PostgreSQL):In human language, it says:After writing fine-grained access policies, the database will ensure that only authorized users can access specific data based on the defined rules. Now it’s safe to expose the API to the frontend while ensuring data privacy and security. In 2007, Microsoft released its server protocol to comply with antitrust regulators in Europe. However, they faced a challenge when many of their protocols lacked technical documents, so teams had to create them based on implementation. To ensure accuracy, Microsoft created a dedicated team to test these protocol specifications. To automate the testing process, an internal tool team developed various tool suites.I joined the tool team as a fresh graduate, and they were developing a new tool to address this issue fundamentally. Mistakes in specifications may occur because they are completely segregated from the implementation. Sharing a single definition between them would ensure consistency and eliminate the need for testing.That’s how a new DSL(domain-specific language) called Open Protocol Notation(OPN) is introduced. It is designed to enable developers to model protocol architecture, behavior, and data. It can be used to generate protocol schema files (IDL, WSDL, etc.), message parsers, simulations, and technical documents. I can still remember the time when I finished an OPN for an RPC protocol that was used to both generate the publicly released technical document and parse/display messages. And it's the first time I've heard what people would call it:Single source of truthOf course, this is the entire point of implementing security with database policy, but it hurts when you want to have a wholistic view of your application because a big chunk of logic does not stay with your source code. The specific hurtings might be: I think it’s the same reason why you seldom see people using stored procedures of databases nowadays despite all the benefits they offer. The first question we need to answer is: If we want to move the access policies from the database to be alongside the application code, where is the best place for it?It is intuitive to think of Object-Relational Mapping (ORM) as the bridge between application code and the database, providing a convenient abstract access layer for code. So that’s the approach we choose to do for the ZenStack OSS project we are building. It is built above the Prisma ORM, and one of its focuses is to add access control capability. Here's an example schema for the same "chat" scenario that we've seen previously:When the application code uses the ORM to talk to the database, proper filters are injected into queries and mutations to enforce the security rules. For example:See, the RLS policy rules have been successfully moved to the application code. Some individuals may ask, "Wait a minute, what about this new schema file that's been introduced? Doesn't that break the principle of a single source of truth?”My short answer for it is the schema file is also part of the application code. If you think about it, the RLS functionality is achieved without compromising simplicity, portability, and version control mentioned above. Additionally, the schema file is transpiled into Typescript code during the building process. This is just one of two different approaches to ORM: "code-first" like TypeoRM or "schema-first" like Prisma.While it's possible to achieve this using the "code-first" approach, it may be difficult and non-intuitive for developers to express the desired access policy without a schema. The "schema-first" approach offers additional benefits through code generation. If you're interested, you can check out another post I wrote on this topic.To be fair, I cannot deny some of the advantages that RLS has over our approach, such as the ability of policies to work across multiple applications and its language agnosticism. However, we all know that there is no one-size-fits-all solution. It always involves a trade-off that needs to be made. As long as some people believe it’s the right way to go, then all the current disadvantages are just issues to be resolved by us. Are you one of them? 😉 If so, check out our Github for more detail:https://github.com/zenstackhq/zenstackTemplates let you quickly answer FAQs or store snippets for re-use. Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment's permalink. Hide child comments as well Confirm For further actions, you may consider blocking this person and/or reporting abuse Durgesh kumar prajapati - Jul 13 zaira - Jul 12 ymc9 - Jul 11 Eshank Vaish - Jul 11 See how ZenStack helps you simplify full-stack development: Once suspended, zenstack will not be able to comment or publish posts until their suspension is removed. Once unsuspended, zenstack will be able to comment and publish posts again. Once unpublished, all posts by zenstack will become hidden and only accessible to themselves. If zenstack is not suspended, they can still re-publish their posts from their dashboard. Note: Once unpublished, this post will become invisible to the public and only accessible to JS. They can still re-publish the post if they are not suspended. Thanks for keeping DEV Community safe. Here is what you can do to flag zenstack: zenstack consistently posts content that violates DEV Community's code of conduct because it is harassing, offensive or spammy. Unflagging zenstack will restore default visibility to their posts. DEV Community — A constructive and inclusive social network for software developers. With you every step of your journey. Built on Forem — the open source software that powers DEV and other inclusive communities.Made with love and Ruby on Rails. DEV Community © 2016 - 2023. We're a place where coders share, stay up-to-date and grow their careers.