Preset Feature Feedback
What is the problem or goal the end user is trying to solve or accomplish?
Apply the same tenant filter (e.g., customer_id) to all existing datasets and any datasets created in the future so user groups never see data outside their tenant without requiring manual maintenance.
How are they solving it currently?
Manually selecting datasets in each RLS rule and re-editing rules whenever new datasets are added.
Maintaining external automation (API scripts/cron) to discover new datasets and re-patch the rule’s tables list.
Pushing filters down to the database (DB-native RLS or per-tenant views), which increases coupling and operational overhead.
What is the recommended solution by the Customer?
Add an “All Datasets” scope to RLS rules:
A rule flagged as All Datasets applies to every dataset in the workspace by default and auto-covers future datasets.
Optional limiters: database-level or schema-level scoping within the same rule (e.g., All Datasets in DB X, or in Schema Y).
Backfill option on save to attach all existing datasets immediately.
Auditability: log when new datasets become covered by an All Datasets rule.
Permissions: only Admins can create/modify All Datasets–scoped rules; UI shows the estimated count of affected datasets and a confirmation step.
API parity: extend /api/v1/rowlevelsecurity to accept scope: {"type":"all"} and optional {database_id, schema_name}; add POST /rowlevelsecurity/<id>/refresh to re-evaluate coverage.
