Is ZenStack implemented with Postgres RLS (row-level-security)?
No, it is not implemented with Postgres RLS. Instead, ZenStack applies access control rules by injecting into Prisma's query arguments and (in certain scenarios) conducting post-query filtering. The choice brings several benefits:
- Database agnostic: ZenStack works with any database that Prisma supports.
- No need to create migrations when changing access control rules.
- A significantly simpler syntax for access control rules compared to SQL RLS.
- Colocating access control rules with the data model.
Is ZenStack framework-agnostic?
Yes, ZenStack is framework-agnostic. The core of ZenStack's runtime is a transparent proxy wrapping a PrismaClient, so it can be used in any framework that can run Prisma. ZenStack already provides adapters for popular frameworks like Next.js and Fastify, and more are being made. It's also easy to write your own adapters.
How to use ZenStack in a monorepo setup?
To use ZenStack in a monorepo setup (e.g., pnpm workspace), run
zenstack init in the package where
schema.prisma resides (usually also where the global
prisma instance is exported). There's no need to install ZenStack-related packages at the workspace level.
Is ZModel fully compatible with Prisma Schema?
The ZModel language is designed to be a superset of Prisma Schema. The major extension that ZModel made to Prisma schema today are:
Using a separate DSL gives us the flexibility to add more extensions in the future; however, the goal is to maintain the "superset" positioning, i.e., every valid
schema.prisma is a valid
In practice, you may run into problems that the
schema.prisma generated by ZenStack triggers validation errors in
prisma CLI. This is because Prisma CLI has many validation rules, some quite subtle. We try to replicate those rules in
zenstack CLI, but it's more of a best-effort approach. Fortunately, the errors reported by
prisma CLI usually give pretty good hints on what to change in
We will continue improving the parity between ZModel and Prisma Schema regarding validation rules.