RlsPolicyDefinition
A single RLS policy. The predicate is expressed in LQL and transpiled to
platform-specific SQL by RlsPredicateTranspiler at DDL generation
time.
public sealed record RlsPolicyDefinition : IEquatable<RlsPolicyDefinition>
Properties
Name
public string Name { get; init; }
Policy name -- unique within the table.
IsPermissive
[YamlMember(Alias = "permissive", DefaultValuesHandling = DefaultValuesHandling.Preserve)]
public bool IsPermissive { get; init; }
True for PERMISSIVE policies (default). False for
RESTRICTIVE. SQLite cannot distinguish these and emits a
MIG-W-RLS-SQLITE-RESTRICTIVE-APPROX warning when restrictive
policies are present.
Operations
public IReadOnlyList<RlsOperation> Operations { get; init; }
Operations the policy applies to. Defaults to ``.
Roles
public IReadOnlyList<string> Roles { get; init; }
Roles the policy applies to. Empty means PUBLIC (all roles).
UsingLql
[YamlMember(Alias = "using")]
public string? UsingLql { get; init; }
LQL predicate for the USING clause. Applied to SELECT,
the existing-row side of UPDATE, and DELETE.
WithCheckLql
[YamlMember(Alias = "withCheck")]
public string? WithCheckLql { get; init; }
LQL predicate for the WITH CHECK clause. Applied to
INSERT and the new-row side of UPDATE.
UsingSql
[YamlMember(Alias = "usingSql")]
public string? UsingSql { get; init; }
Raw SQL escape hatch for the USING clause. Postgres-only; emitted
verbatim. When set, takes precedence over ``. Used
when the predicate calls SECURITY DEFINER functions (e.g. is_member())
that cannot be expressed as LQL exists() subqueries because they
would evaluate under the caller's RLS context. Implements GitHub issue #36.
WithCheckSql
[YamlMember(Alias = "withCheckSql")]
public string? WithCheckSql { get; init; }
Raw SQL escape hatch for the WITH CHECK clause. Postgres-only.
Implements GitHub issue #36.
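
Added example (not from this project or its documentation): plain Postgres DDL illustrating why a membership predicate may need a SECURITY DEFINER function, as described for UsingSql and WithCheckSql above, instead of an exists() subquery. The schema, the app_user role, the app.user_id setting and the is_member(uuid) signature are assumptions; the page names only is_member().

```sql
-- Constructed schema; every name except is_member is an assumption.
CREATE ROLE app_user;
CREATE TABLE memberships (user_id uuid, org_id uuid, PRIMARY KEY (user_id, org_id));
CREATE TABLE documents   (id uuid PRIMARY KEY, org_id uuid NOT NULL, body text);
GRANT SELECT ON memberships TO app_user;
GRANT SELECT, INSERT, UPDATE, DELETE ON documents TO app_user;

-- RLS enabled with no policy for app_user: memberships is default-deny
-- for callers, while the table owner still sees every row.
ALTER TABLE memberships ENABLE ROW LEVEL SECURITY;
ALTER TABLE documents   ENABLE ROW LEVEL SECURITY;

-- Subquery form: it runs as the caller, so memberships' own RLS filters it
-- to zero rows and the policy never matches. Dropped again right below.
CREATE POLICY documents_by_exists ON documents TO app_user
    USING (EXISTS (SELECT 1 FROM memberships m
                   WHERE m.org_id = documents.org_id
                     AND m.user_id = current_setting('app.user_id', true)::uuid));
DROP POLICY documents_by_exists ON documents;

-- SECURITY DEFINER form: the body runs as the function owner (the table
-- owner here), who is not subject to memberships' RLS unless
-- FORCE ROW LEVEL SECURITY is set on that table.
-- app.user_id is assumed to be set by the trusted application layer.
CREATE FUNCTION is_member(target_org uuid) RETURNS boolean
    LANGUAGE sql STABLE SECURITY DEFINER
    SET search_path = public, pg_temp  -- pin name lookup; never inherit the caller's path
AS $$
    SELECT EXISTS (SELECT 1 FROM public.memberships m
                   WHERE m.org_id = target_org
                     AND m.user_id = current_setting('app.user_id', true)::uuid);
$$;
-- Functions are executable by PUBLIC by default; narrow that to the app role.
REVOKE EXECUTE ON FUNCTION is_member(uuid) FROM PUBLIC;
GRANT  EXECUTE ON FUNCTION is_member(uuid) TO app_user;

-- A usingSql / withCheckSql value would be a predicate like the two below.
-- Raw SQL is emitted verbatim, so it needs the same review as any other DDL.
CREATE POLICY documents_by_member ON documents
    AS PERMISSIVE FOR ALL TO app_user
    USING      (is_member(org_id))
    WITH CHECK (is_member(org_id));
```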