Skip to content
Free tool · runs in your browser

RLS Policy Generator & Explainer

Row-Level Security is where most Supabase leaks come from. Generate correct policies from a pattern, or paste a policy to see in plain English exactly what it allows.

-- RLS for public.orders — pattern: Owner-only (per-user rows)
ALTER TABLE "public"."orders" ENABLE ROW LEVEL SECURITY;

CREATE POLICY "orders_select_own" ON "public"."orders"
  FOR SELECT TO authenticated
  USING ("user_id" = auth.uid());

CREATE POLICY "orders_insert_own" ON "public"."orders"
  FOR INSERT TO authenticated
  WITH CHECK ("user_id" = auth.uid());

CREATE POLICY "orders_update_own" ON "public"."orders"
  FOR UPDATE TO authenticated
  USING ("user_id" = auth.uid())
  WITH CHECK ("user_id" = auth.uid());

CREATE POLICY "orders_delete_own" ON "public"."orders"
  FOR DELETE TO authenticated
  USING ("user_id" = auth.uid());

Test these against real roles.

Suparbase's RLS debugger simulates any policy as anon / authenticated / a specific user, live against your project — so you know it's right before you ship.