← atlas·auth-policies

setup-rls-policy

User initiates creation of a row-level security (RLS) policy. The journey covers the policy-expression dialog, before/after row-count visualization, and post-creation feedback with security-aware profiles.

default path · what bare Studio does

  1. 01
    route/project/[ref]/auth/policiesactionselect-tablehookuseAuthPoliciesSnapshot
  2. 02
    route/project/[ref]/auth/policiesactionopen-policy-creationuiopen-modal
  3. 03
    route/project/[ref]/auth/policiesactionselect-policy-type
  4. 04
    route/project/[ref]/auth/policiesactionenter-expression
  5. 05
    route/project/[ref]/auth/policiesactionconfirm-create-policyside-effectexecute-ddl
  6. 06
    route/project/[ref]/auth/policiesactionserver-ackuipolicy-creation-toast

per-profile overrides · vehicle × route

Three vehicles, three routes

Connector · Battleship

Monica

sea route

Bring the team into the workflow.

deltas

  • Enter: recent-activity-feed
  • prelude · CollabRail
  • on save · TeamSaveAck

slot fillers wired

  • preright-rail · CollabRail
  • on savesave-confirmation · TeamSaveAckRLS policy created: Aisha reviewed 2 hours ago

cognitive justification

HSP + Connector → security decisions feel safer with team presence. The collab rail surfaces who's viewing the policy; the save-ack transfers responsibility to collective accountability (GABA −22, Agreeableness +0.571).

Try Monica's route →

Explorer · Tractor

Nate

field route

Show me what I don't already know.

deltas

  • Enter: schema-map-tile
  • prelude · SchemaMap
  • destructive · AdvanceNoticeStrip 3000ms
  • chunk · 4

slot fillers wired

  • premain-prelude · SchemaMap
  • pre-destructiveadvance-notice · AdvanceNoticeStrip3000ms

cognitive justification

ASD prediction-error (κ + 26) + ADHD DA-seeking → literal-language policy expressions ("USING auth.uid() = user_id") prevent misinterpretation. Advance-notice strip buffers surprise. SchemaMap shows which tables are affected. Zero motion respects HSP.

Try Nate's route →

Analyst · Airplane

Sara

air route

Numbers first. Then we talk.

deltas

  • Enter: kpi-drill
  • prelude · KpiBand
  • on save · SaveLedger

slot fillers wired

  • premain-prelude · KpiBand
  • on savemain-postlude · SaveLedger✓ policy active · {{visible_before}}/{{visible_after}} rows visible per user

cognitive justification

CORT +19 (anxiety) + Analyst (A 0.000) → typed-name confirmation enforces deliberation before security-critical DDL. SaveLedger's before/after row count provides reassurance that the policy is scoped correctly (no over-restriction, no data leaks visible).

Try Sara's route →