# Policy
Defines a row-level security policy.
```hcl
policy "user_select" {
  schema  = "public"
  table   = "users"
  command = "select"
  roles   = ["postgres"]
  using   = "true"
}
```
## Attributes
- `name` (label): policy name.
- `schema` (string, optional): schema of the table. Defaults to `public`.
- `table` (string): table the policy applies to.
- `command` (string): `ALL`, `SELECT`, `INSERT`, `UPDATE`, or `DELETE`.
- `as` (string, optional): `PERMISSIVE` or `RESTRICTIVE`.
- `roles` (array of strings): roles the policy applies to. Empty means `PUBLIC`.
- `using` (string, optional): expression for row visibility.
- `check` (string, optional): expression for permitted values on write.
- `comment` (string, optional): documentation comment.
## Examples
```hcl
table "docs" {
  column "id" { type = "uuid", nullable = false, default = "gen_random_uuid()" }
  column "owner" { type = "text", nullable = false }
  column "title" { type = "text", nullable = false }
  primary_key { columns = ["id"] }
}

# Enable RLS and allow owners to read their docs
policy "docs_select_own" {
  table   = "docs"
  command = "select"
  using   = "owner = current_user"
}

# Allow owners to insert/update their rows
policy "docs_write_own" {
  table   = "docs"
  command = "all"
  check   = "owner = current_user"
}
```
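
The following is an added example, not taken from the project's documentation. It splits the `docs` rules per command using only the attributes listed above and assumes PostgreSQL row-level security semantics. The role `app_user` and the boolean column `archived` are assumptions that do not appear on this page.

```hcl
# Added example. Assumed names: role "app_user", boolean column docs.archived.

# Read: a role sees only the rows it owns.
policy "docs_select_own" {
  table   = "docs"
  command = "select"
  roles   = ["app_user"]
  using   = "owner = current_user"
}

# Insert: `check` validates the new row, so a role cannot create rows
# owned by someone else.
policy "docs_insert_own" {
  table   = "docs"
  command = "insert"
  roles   = ["app_user"]
  check   = "owner = current_user"
}

# Update: `using` selects which existing rows may be changed and `check`
# validates the row after the change, so ownership cannot be reassigned.
policy "docs_update_own" {
  table   = "docs"
  command = "update"
  roles   = ["app_user"]
  using   = "owner = current_user"
  check   = "owner = current_user"
}

# Restrictive: combined with AND against the permissive policies above,
# so rows flagged archived cannot be updated and an update cannot set the flag.
policy "docs_update_not_archived" {
  table   = "docs"
  command = "update"
  as      = "RESTRICTIVE"
  roles   = ["app_user"]
  using   = "NOT archived"
  check   = "NOT archived"
  comment = "Archived docs are immutable"
}

# No policy covers "delete": with RLS enabled, a command that has no
# applicable policy matches no rows for app_user.
```

In PostgreSQL, superusers and roles with `BYPASSRLS` skip these policies entirely, and the table owner does too unless row security is forced on the table, so verify the policies while connected as the application role.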