
Convenience Methods

We've created some convenience functions to help you enforce permissions inside Postgres using RLS.

basejump.get_accounts_for_current_user(role: string default null)

  • Private - usable within Postgres only
  • Returns Array(uuid)

This function returns a list of accounts that the current user has access to. If you pass in a role, it will only return accounts that the user has that role for.

It's useful in permissions where you want to confirm that a user belongs to an account.

For example, if you want to only allow account members to view posts:

```sql
create policy "Only members can view posts" on posts
    for select
    to authenticated
    using (
        account_id IN (SELECT basejump.get_accounts_for_current_user())
    );
```

But maybe you want owners to be able to update posts:

```sql
create policy "Only owners can update posts" on posts
    for update
    to authenticated
    using (
        account_id IN (SELECT basejump.get_accounts_for_current_user('owner'))
    );
```
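
A fuller policy set for the same table, as an added example that is not part of the Basejump docs. It assumes a hypothetical `posts` table with an `account_id uuid` column and uses only the two call forms of `basejump.get_accounts_for_current_user` shown above; the policy names are made up.

```sql
-- Assumed (hypothetical) table: posts(id uuid, account_id uuid, title text, body text).
-- Policies are only enforced once RLS is enabled on the table.
alter table posts enable row level security;

-- Read: any member of the owning account.
create policy "Members can view posts" on posts
    for select
    to authenticated
    using (
        account_id in (select basejump.get_accounts_for_current_user())
    );

-- Create: INSERT policies take WITH CHECK, since there is no existing row
-- for USING to test. The new row must belong to one of the caller's accounts.
create policy "Members can create posts" on posts
    for insert
    to authenticated
    with check (
        account_id in (select basejump.get_accounts_for_current_user())
    );

-- Update: USING selects which existing rows may be changed; WITH CHECK
-- validates the row after the change, so an owner cannot move a post
-- into an account they do not own.
create policy "Owners can update posts" on posts
    for update
    to authenticated
    using (
        account_id in (select basejump.get_accounts_for_current_user('owner'))
    )
    with check (
        account_id in (select basejump.get_accounts_for_current_user('owner'))
    );

-- Delete: owners only.
create policy "Owners can delete posts" on posts
    for delete
    to authenticated
    using (
        account_id in (select basejump.get_accounts_for_current_user('owner'))
    );
```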

public.current_user_account_role(account_id: uuid)

  • Public - Can be called within Postgres or over RPC
  • Returns json

This function returns the role that the current user has for the given account. If the user doesn't have access to the account, it returns null.

Because this function is on the public schema, it can be used through the API layer as well using an rpc call. As a result, it returns a json object.

```js
const { data, error } = await supabase
  .rpc('current_user_account_role', { account_id: 'account-id' })

console.log(data)
// { account_role: 'owner', is_primary_owner: true, is_personal_account: true }
```

public.get_account_billing_status(account_id: uuid)

  • Public - Can be called within Postgres or over RPC
  • Returns json

This function returns the billing status for the given account. If the user doesn't have access to the account, it returns null.


```js
const { data, error } = await supabase
  .rpc('get_account_billing_status', { account_id: 'account-id' });

console.log(data)
// { id: 'subscription-id', status: 'active', billing_email: 'test@test.com', plan_name: 'Free' }
```

basejump.is_set(config: string)

  • Private - usable within Postgres only
  • Returns boolean

For a given config field name, returns whether it is set to true or false. This is useful for checking if a feature is enabled, such as team or personal accounts.

You can see the list of available config fields in the configuration variables guide.


For example, if you want to block new accounts from being created unless team accounts are enabled:

```sql
-- INSERT policies only accept WITH CHECK; Postgres rejects USING here.
create policy "Team accounts should be enabled to create new ones" on accounts
    for insert
    to authenticated
    with check (
        basejump.is_set('team_accounts_enabled')
    );
```

basejump.get_config()

  • Private - usable within Postgres only
  • Returns json

This function returns the current config for the platform. This is useful for checking if a feature is enabled such as team or personal accounts.

© 2023 usebasejump.com
