Organizations plugin with Drizzle RLS
Hi, I am creating a hobby project which is a multi-tenant app (using the organisations plugin).
I use Hono to serve a CRUD API. How can I:
- Restrict certain columns to users with certain roles (keeping in mind a user can belong to multiple organisations with different roles between organisations)
- Make sure users can only retrieve records which belong to their organisation(s)
- Restrict creating / updating records in certain tables to certain roles?
Am I correct that it would be better to add these restrictions at the DB level, or is it better to manage this at the API (Hono in my case) level?
0 Replies
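An added example (not code from the original post, the organisations plugin or Drizzle) of the API-level half of the three checks asked about: per-organisation role lookup, row scoping to the caller's organisations, column masking decided per row, and write authorisation against the existing row's organisation. Every name in it (`Role`, `Membership`, `RequestContext`, `COLUMN_MIN_ROLE`, `WRITE_MIN_ROLE`, the `invoices` table and its columns) is an assumption made for the example; in a real app the memberships would come from the plugin's member table for the authenticated session.

```typescript
// Added example, not code from the original post or from the organisation plugin:
// per-organisation authorisation for a multi-tenant CRUD API. Every name below
// (Role, Membership, RequestContext, COLUMN_MIN_ROLE, ...) is an assumption.

export type Role = "member" | "admin" | "owner";
export type WriteOp = "insert" | "update" | "delete";

// Higher roles imply lower ones.
const RANK: Record<Role, number> = { member: 0, admin: 1, owner: 2 };

// One membership per (user, organisation); the same user may hold
// different roles in different organisations.
export interface Membership { userId: string; orgId: string; role: Role; }

// What an authenticated request carries after the session lookup.
export interface RequestContext { userId: string; memberships: Membership[]; }

// A tenant-owned record: orgId is the tenant key on every table.
export interface Row { orgId: string; [column: string]: unknown; }

export class AuthorizationError extends Error {}

// Columns that need more than plain membership to read or write (assumed
// policy). Unlisted columns are visible to any member of the row's organisation.
const COLUMN_MIN_ROLE: Record<string, Record<string, Role>> = {
  invoices: { bankAccount: "admin", internalNotes: "owner" },
};

// Minimum role per table and write operation (assumed policy).
const WRITE_MIN_ROLE: Record<string, Record<WriteOp, Role>> = {
  invoices: { insert: "member", update: "admin", delete: "owner" },
};

// The role belongs to the (user, organisation) pair, so it is looked up per
// organisation and never cached once per user.
export function roleIn(ctx: RequestContext, orgId: string): Role | null {
  for (const m of ctx.memberships) {
    if (m.userId === ctx.userId && m.orgId === orgId) return m.role;
  }
  return null;
}

function hasAtLeast(ctx: RequestContext, orgId: string, required: Role): boolean {
  const role = roleIn(ctx, orgId);
  return role !== null && RANK[role] >= RANK[required];
}

// Row scoping: keep only rows from organisations the caller belongs to.
// This is the API-level twin of a row-level security policy; keep both.
export function scopeToMemberOrgs<T extends Row>(ctx: RequestContext, rows: T[]): T[] {
  return rows.filter((r) => roleIn(ctx, r.orgId) !== null);
}

// Column masking is decided per row against the role held in THAT row's
// organisation: an admin of org A listing rows that also come from org B
// (where they are a plain member) must not see org B's admin-only columns.
export function maskRow(ctx: RequestContext, table: string, row: Row): Row {
  const role = roleIn(ctx, row.orgId);
  if (role === null) throw new AuthorizationError("not a member of " + row.orgId);
  const restricted = COLUMN_MIN_ROLE[table] ?? {};
  const out = {} as Row;
  for (const col of Object.keys(row)) {
    const min = restricted[col];
    if (min === undefined || RANK[role] >= RANK[min]) out[col] = row[col];
  }
  return out;
}

export function assertCanWrite(ctx: RequestContext, table: string, op: WriteOp, orgId: string): void {
  const policy = WRITE_MIN_ROLE[table];
  if (!policy) throw new AuthorizationError("no write policy for " + table);
  if (!hasAtLeast(ctx, orgId, policy[op])) {
    throw new AuthorizationError(op + " on " + table + " in " + orgId + " requires " + policy[op]);
  }
}

// Updates are authorised against the EXISTING row's organisation, never the
// orgId in the request body; otherwise a caller could name the organisation
// where they hold the strongest role, or move a row across tenants.
export function authorizeUpdate(
  ctx: RequestContext, table: string, existing: Row, patch: Record<string, unknown>,
): Row {
  assertCanWrite(ctx, table, "update", existing.orgId);
  if ("orgId" in patch && patch.orgId !== existing.orgId) {
    throw new AuthorizationError("cross-tenant move rejected");
  }
  const role = roleIn(ctx, existing.orgId) as Role; // non-null after assertCanWrite
  const restricted = COLUMN_MIN_ROLE[table] ?? {};
  for (const col of Object.keys(patch)) {
    const min = restricted[col];
    if (min !== undefined && RANK[role] < RANK[min]) {
      throw new AuthorizationError("column " + col + " requires " + min);
    }
  }
  return { ...existing, ...patch };
}
```

In a Hono handler the `RequestContext` is built once per request from the session and the member table, and the functions above run on the rows returned by Drizzle. The DB-level half is complementary rather than an alternative: Postgres row-level security can enforce the "only rows of my organisations" rule with a policy on each tenant table that checks `current_setting('app.user_id', true)` against the member table, with the handler opening a transaction and issuing `SET LOCAL app.user_id = ...` before the query. Two caveats matter there: RLS is not applied to the table owner or to superusers unless `ALTER TABLE ... FORCE ROW LEVEL SECURITY` is set, so the API should connect as a separate, non-owner role from the one that runs migrations; and RLS only filters rows, so per-role column restrictions stay at the API layer (or go through views or column-level grants), which is why the masking above is evaluated per row.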