RLS to support multi-tenancy #15
Description
Requirement: Pgweb must read user role from HTTP header X-Database-Role
Behavior: When header is present, automatically execute SET ROLE {role_name} before every database query
Scope: Applies to ALL database operations (queries, schema browsing, metadata calls)
Universal Query Wrapping:
- Inject SET ROLE for all database operations
Graceful Degradation:
- Requirement: When X-Database-Role header is absent, pgweb operates normally
- Behavior: No SET ROLE injection, uses default connection credentials
- Purpose: Maintains backward compatibility
Metadata
Metadata
Assignees
Labels
No labels