# c77_rbac PostgreSQL Extension

The `c77_rbac` extension provides role-based access control (RBAC) for PostgreSQL, securing tables with row-level security (RLS) for multi-campus applications. All objects are in the `public` schema with `c77_rbac_` prefixes (e.g., `c77_rbac_subjects`, `c77_rbac_apply_policy`) to coexist with Laravel and third-party packages. Application tables use custom schemas (e.g., `myapp.orders`).

## Features

- Scoped role assignments (e.g., campus-specific access).
- Admin access via `global/all` scope for any user ID.
- RLS policies via `c77_rbac_apply_policy`.
- Compatible with PostgreSQL 14+ and Laravel.

## Installation

1. Ensure PostgreSQL 14 or later is installed.

2. Place `c77_rbac.control` and `c77_rbac--1.1.0.sql` in `/usr/share/postgresql/17/extension/`.

3. Run as a superuser:

   ```sql
   CREATE EXTENSION c77_rbac SCHEMA public;
   ```

## Usage

See `USAGE.md` for beginner-friendly instructions on securing tables and assigning roles.

## Requirements

- PostgreSQL 14 or later.
- Superuser access for installation.

## License

MIT License