Hello,
I am very intrigued by the ability to use prepare_query/3 for modifying queries to perform fine-grained, i.e. row-level, permission checks.
My exploration of this started after reading @josevalim’s great example for limiting data access to the scope of an org_id, and thinking about ways to expand this to work at row-levels also.
Having received some feedback here on the forum on this subject, and after doing some more research, I think i now have an approach that could work.
However, my currently preferred approach would -in some cases- require knowledge / details about the original query itself, as some of the WHERE clauses I would tack on would require dynamic insertion of table name(s) from the original query, etc.
Now my question: How would you access individual components of the original query being intercepted by prepare_query? Examples could be the table name(s) in the “from” section, the table name(s) in the “join” section, a list of all the “where” clauses, etc…
Thank you!
