A few things: RLS is secure by default; it's PostgREST that's insecure by default.
RLS disables all operations on a table once enabled and is only operable once there's a passing policy unless you can bypass RLS.
When it comes to access control, you should probably always have tests for anything halfway important.
Views are a bit of a footgun when it comes to RLS; they bypass it by default. But getting them to play nice is as simple as defining "security invoker" in their definition; not what I'd call heroics.
> A few things: RLS is secure by default; it's PostgREST that's insecure by default.
What makes you think that? PostgREST delegates all the authorization to PostgreSQL, which is secure by default. You have to explicitly assign privileges to roles for every operation.
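The behaviours discussed in both comments above (explicit grants, default deny once RLS is enabled, and views with and without `security_invoker`), as an added SQL example that is not from either poster. The table, role, policy and view names are hypothetical; it assumes PostgreSQL 15 or later and a scratch database where the session role may create roles.

```sql
-- Constructed schema: notes, app_user, notes_owner and both views are hypothetical names.
CREATE ROLE app_user NOLOGIN;
CREATE TABLE notes (id int PRIMARY KEY, owner_role text NOT NULL, body text);
INSERT INTO notes VALUES
  (1, 'app_user',     'mine'),
  (2, 'someone_else', 'not mine');

-- Privileges come first: without this GRANT, app_user cannot read the table at all,
-- regardless of any RLS policy.
GRANT SELECT ON notes TO app_user;

-- Enabling RLS with no policy is default deny for every role except the
-- table owner, superusers and roles with BYPASSRLS.
ALTER TABLE notes ENABLE ROW LEVEL SECURITY;

-- A policy re-opens only the rows it matches.
CREATE POLICY notes_owner ON notes
  FOR SELECT
  USING (owner_role = current_user);

-- A plain view checks access to the underlying table as the view owner.
-- Here the view owner is also the table owner, who is exempt from RLS,
-- so the policy is not applied to queries through this view.
CREATE VIEW notes_plain AS
  SELECT id, owner_role, body FROM notes;

-- security_invoker (PostgreSQL 15+) checks privileges and policies as the
-- role running the query instead of the view owner.
CREATE VIEW notes_invoker WITH (security_invoker = true) AS
  SELECT id, owner_role, body FROM notes;

GRANT SELECT ON notes_plain, notes_invoker TO app_user;

-- A test for the access rules: run the same count as the restricted role
-- through each path and compare.
SET ROLE app_user;
SELECT count(*) AS direct_rows  FROM notes;          -- policy notes_owner applies
SELECT count(*) AS plain_rows   FROM notes_plain;    -- evaluated as the view owner
SELECT count(*) AS invoker_rows FROM notes_invoker;  -- policy notes_owner applies
RESET ROLE;

-- Cleanup for the scratch database.
DROP VIEW notes_plain, notes_invoker;
DROP TABLE notes;
DROP ROLE app_user;
```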