35 lines
1.1 KiB
Markdown
35 lines
1.1 KiB
Markdown
# c77_rbac PostgreSQL Extension
|
|
|
|
The `c77_rbac` extension provides role-based access control (RBAC) for PostgreSQL, securing tables with row-level security (RLS) for multi-campus applications. All objects are in the `public` schema with `c77_rbac_` prefixes (e.g., `c77_rbac_subjects`, `c77_rbac_apply_policy`) to coexist with Laravel and third-party packages. Application tables use custom schemas (e.g., `myapp.orders`).
|
|
|
|
## Features
|
|
|
|
- Scoped role assignments (e.g., campus-specific access).
|
|
- Admin access via `global/all` scope for any user ID.
|
|
- RLS policies via `c77_rbac_apply_policy`.
|
|
- Compatible with PostgreSQL 14+ and Laravel.
|
|
|
|
## Installation
|
|
|
|
1. Ensure PostgreSQL 14 or later is installed.
|
|
|
|
2. Place `c77_rbac.control` and `c77_rbac--1.1.0.sql` in `/usr/share/postgresql/17/extension/`.
|
|
|
|
3. Run as a superuser:
|
|
|
|
```sql
|
|
CREATE EXTENSION c77_rbac SCHEMA public;
|
|
```
|
|
|
|
## Usage
|
|
|
|
See `USAGE.md` for beginner-friendly instructions on securing tables and assigning roles.
|
|
|
|
## Requirements
|
|
|
|
- PostgreSQL 14 or later.
|
|
- Superuser access for installation.
|
|
|
|
## License
|
|
|
|
MIT License |