setup_rls
Apply row-level security policies to database tables using predefined templates like user_owns_rows, public_read, or public_read_write to control data access.
Instructions
Apply row-level security to tables. Templates: user_owns_rows (users access own rows only), public_read (anyone reads, authenticated writes), public_read_write (open access).
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| project_id | Yes | The project ID | |
| template | Yes | RLS template: user_owns_rows (users can only access their own rows), public_read (anyone reads, authenticated users write), public_read_write (anyone can read and write) | |
| tables | Yes | Tables to apply RLS policies to | |
Implementation Reference
- src/tools/setup-rls.ts:28-60 (handler) Handler function that implements the setup_rls tool logic. It validates the project exists, makes an API request to apply row-level security policies with the specified template (user_owns_rows, public_read, or public_read_write), and returns a formatted success message.

```typescript
export async function handleSetupRls(args: {
  project_id: string;
  template: string;
  tables: Array<{ table: string; owner_column?: string }>;
}): Promise<{ content: Array<{ type: "text"; text: string }>; isError?: boolean }> {
  const project = getProject(args.project_id);
  if (!project) return projectNotFound(args.project_id);

  const res = await apiRequest(`/admin/v1/projects/${args.project_id}/rls`, {
    method: "POST",
    headers: {
      Authorization: `Bearer ${project.service_key}`,
    },
    body: {
      template: args.template,
      tables: args.tables,
    },
  });

  if (!res.ok) return formatApiError(res, "setting up RLS");

  const body = res.body as { status: string; template: string; tables: string[] };

  const lines = [
    `## RLS Applied`,
    ``,
    `Template **${body.template}** applied to: ${body.tables.map((t) => `\`${t}\``).join(", ")}`,
    ``,
    `Row-level security is now active on these tables.`,
  ];

  return { content: [{ type: "text", text: lines.join("\n") }] };
}
```

- src/tools/setup-rls.ts:6-26 (schema) Input validation schema defining the parameters for setup_rls tool: project_id (string), template (enum of three RLS policy types), and tables array with table name and optional owner_column.

```typescript
export const setupRlsSchema = {
  project_id: z.string().describe("The project ID"),
  template: z
    .enum(["user_owns_rows", "public_read", "public_read_write"])
    .describe(
      "RLS template: user_owns_rows (users can only access their own rows), " +
        "public_read (anyone reads, authenticated users write), " +
        "public_read_write (anyone can read and write)",
    ),
  tables: z
    .array(
      z.object({
        table: z.string().describe("Table name"),
        owner_column: z
          .string()
          .optional()
          .describe("Column containing the user ID (required for user_owns_rows template)"),
      }),
    )
    .describe("Tables to apply RLS policies to"),
};
```

- src/index.ts:86-91 (registration) Registration of the setup_rls tool with the MCP server, providing the tool name, description, schema, and handler function reference.

```typescript
server.tool(
  "setup_rls",
  "Apply row-level security to tables. Templates: user_owns_rows (users access own rows only), public_read (anyone reads, authenticated writes), public_read_write (open access).",
  setupRlsSchema,
  async (args) => handleSetupRls(args),
);
```
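
The schema marks owner_column as optional although its description says the user_owns_rows template requires it, and the handler forwards tables to the API unchanged. The following is an added example, not the project's code: a pre-flight check a caller could run on the arguments before invoking setup_rls. The names checkRlsRequest and RlsFinding and the identifier pattern are assumptions made for this example.

```typescript
// Added example, not the project's code: pre-flight check of setup_rls arguments.
type RlsTemplate = "user_owns_rows" | "public_read" | "public_read_write";
interface RlsTable { table: string; owner_column?: string }
interface RlsFinding { level: "error" | "warning"; table: string; message: string }

// Assumption: tables and columns use plain lowercase SQL identifiers.
const IDENTIFIER = /^[a-z_][a-z0-9_]*$/;

function checkRlsRequest(template: RlsTemplate, tables: RlsTable[]): RlsFinding[] {
  const findings: RlsFinding[] = [];
  const add = (level: RlsFinding["level"], table: string, message: string): void => {
    findings.push({ level, table, message });
  };
  if (tables.length === 0) add("error", "*", "no tables listed");
  const seen: string[] = [];
  for (const t of tables) {
    if (!IDENTIFIER.test(t.table)) add("error", t.table, "table name is not a plain identifier");
    if (seen.indexOf(t.table) !== -1) add("warning", t.table, "table listed more than once");
    seen.push(t.table);
    if (template === "user_owns_rows") {
      // The schema marks owner_column optional, but this template needs it.
      if (!t.owner_column) {
        add("error", t.table, "owner_column is required for user_owns_rows");
      } else if (!IDENTIFIER.test(t.owner_column)) {
        add("error", t.table, "owner_column is not a plain identifier");
      }
    } else if (template === "public_read_write") {
      // Surface the open-access template so it is chosen deliberately.
      add("warning", t.table, "anyone can read and write this table");
    } else {
      add("warning", t.table, "anyone can read this table");
    }
  }
  return findings;
}

// Constructed sample request: "profiles" lacks owner_column.
const sampleFindings = checkRlsRequest("user_owns_rows", [
  { table: "notes", owner_column: "user_id" },
  { table: "profiles" },
]);
console.log(sampleFindings);
```

Treat any finding with level "error" as a reason not to send the request, and review each "warning" before applying a public template to a table.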