Mastodawn

Your Django ORM protects tenant data. Your raw SQL doesn't. 😬

That's why I built django-rls-tenants — multitenancy powered by PostgreSQL Row-Level Security, enforced at the database level.

🔒 Every query is filtered — ORM, raw SQL, even dbshell
🚫 Missing tenant context? Zero rows returned, never a data leak
📦 Single schema, no connection routing headaches
⚡ Drop-in: one base model, one middleware, done

Unlike schema-based or ORM-rewriting approaches, RLS policies live in PostgreSQL itself. The database becomes your last line of defense — not your app code.

Supports Python 3.11+, Django 4.2–6.0, PostgreSQL 15+.

Just shipped v1.0.0 🚀

pip install django-rls-tenants

📖 Docs & source: https://github.com/dvoraj75/django-rls-tenants

Feedback, stars & contributions welcome! ⭐

#Django #Python #PostgreSQL #MultiTenancy #RowLevelSecurity #OpenSource #WebDev #SaaS #InfoSec #Database

GitHub - dvoraj75/django-rls-tenants: Database-enforced multitenancy for Django using PostgreSQL Row-Level Security. Every query -- ORM, raw SQL, dbshell -- is filtered by the database itself. Zero data leaks by design

Database-enforced multitenancy for Django using PostgreSQL Row-Level Security. Every query -- ORM, raw SQL, dbshell -- is filtered by the database itself. Zero data leaks by design - dvoraj75/djang...

GitHub

JohnnyD 6d ago

🚀 Day 1 on django-rls-tenants — bringing true PostgreSQL Row-Level Security to Django multitenancy!

Instead of separate schemas or filtered querysets, this library leverages native RLS policies at the DB level to isolate tenant data automatically.

✅ Pros:
• True DB-level isolation — tenants can't bleed into each other
• Transparent to Django ORM — no custom managers needed
• Leaner than schema-per-tenant approaches
• Scales well for high tenant counts
• Security enforced even outside the app layer

❌ Cons:
• PostgreSQL-only (no MySQL/SQLite support)
• RLS policies add complexity to migrations
• Debugging cross-tenant issues can be tricky
• Superuser connections bypass RLS — needs care
• Less community tooling than shared-schema approaches

Still very early, but the foundations are solid. Would love feedback from anyone who's tackled multitenancy in Django before! 🐘🐍

#Django #PostgreSQL #Python #Multitenancy #RLS #RowLevelSecurity #OpenSource #WebDev #SaaS #DjangoORM #DevLife

AI Daily Post Nov 16

Embedding policy enforcement directly into query engines gives AI agents fine‑grained, auditable control over data. Think row‑ and column‑level security, purpose‑binding, and seamless IAM integration—without sacrificing performance. Learn how this opens the path to trustworthy, open‑source AI. #PolicyEnforcement #QueryEngine #AIagents #RowLevelSecurity

🔗 https://aidailypost.com/news/embedding-policy-enforcement-query-engines-secures-ai-agents-data

simplyblock Sep 18

Underrated Postgres: Build Multi-Tenancy with Row-Level Security

Building multi-tenant applications requires developers to ensure correct queries at every step along the way. Typically, we'd fall back on using WHERE clauses and pass along necessary constraints. Having to redo the same pattern over and over is error-prone, and even a single missed check can leak data to other users. Multi-Tenancy and Access Control When building SaaS or any multi-tenant application, you always face the same nightmare: ensuring the right tenant only sees their own data. […]

https://www.simplyblock.io/blog/underated-postgres-multi-tenancy-with-row-level-security/

Hacker News Jul 9, 2025

Multi-Region Row Level Security in CockroachDB

https://www.cockroachlabs.com/blog/fine-grained-access-control-row-level-security/

#HackerNews #MultiRegion #Security #CockroachDB #RowLevelSecurity #DataAccess

You Shall Not Pass: Fine Grained Access Control with Row Level Security

Discover how CockroachDB’s new Row-Level Security feature enables fine-grained access control, helping enterprises secure data, simplify apps, and meet compliance needs.