Skip to main content

24 posts tagged with "zenstack"

View All Tags

Supabase RLS Alternative

· 14 min read
Jiasheng
Co-founder of ZenStack

Cover Image

A Short History of BaaS

In the early days of web and mobile app development, building a backend from scratch was laborious and error-prone. Developers had to manage servers, databases, and infrastructure and ensure scalability while writing the core business logic of their applications. Then came BaaS(Backend-as-a-Service), promising to liberate developers from this burden.

How the "check" Function Helps Keep Your Policies DRY

· 6 min read
Yiming
Co-founder of ZenStack

Cover Image

Among ZenStack's features, the most beloved one is the ability to define access control policies inside the data schema. This ensures that your rules are colocated with the source code, always in sync with the data model, and easy to understand. It arguably provides a superior DX to other solutions like hand-coded authorization logic, or Postgres row-level security.

However, as your application grows more complex, you may find yourself repeating the same policy patterns across multiple models. This post explores one typical pattern of such duplication and demonstrates how the new check() attribute function can help you keep your policies DRY.

How To Build a Scalable SaaS Backend in 10 Minutes With 100 Lines of Code

· 7 min read
Jiasheng
Co-founder of ZenStack

Cover Image

It’s hard to build a scalable SaaS system

Having been involved in the development of four commercial SaaS products at my previous company, I've come to realize the multitude of complexities that arise compared to typical consumer products. Among these complexities, one prominent area lies in the intricate realm of permission control and access policies.

How to Build an Extensible System With Less Technical Debt From Day One

· 6 min read
Jiasheng
Co-founder of ZenStack

Cover Image

Have you ever built a product from scratch? If so, I bet you definitely experienced the trade-off between the design quality and time to market. In fact, you might have to struggle with it more than you expected. In Shopify's practice Deconstructing the Monolith: Designing Software that Maximizes Developer Productivity, they get the conclusion below:

In conclusion, no architecture is often the best architecture in the early days of a system. This isn’t to say don’t implement good software practices, but don’t spend weeks and months attempting to architect a complex system that you don’t yet know. Martin Fowler’s Design Stamina Hypothesis does a great job of illustrating this idea, by explaining that in the early stages of most applications, you can move very quickly with little design. It’s practical to trade off design quality for time to market. Once the speed at which you can add features and functionality begins to slow down, that’s when it’s time to invest in good design.

Where Did Microservices Go

· 10 min read
Jiasheng
Co-founder of ZenStack

Cover Image

When I quit Microsoft and joined the startup company in 2015, the first thing I learned is the concept of Microservices. It was touted as the future of software development, promising increased scalability, flexibility, and resilience. It seems everyone was jumping on the bandwagon, even the fledgling startups despite the inhere challenges involved. There was a joke about it:

There’s a thousand-line program here, we’ve got to break it to make it down into 10 hundred-line programs.

How to Build a Fully Functional ToDo SaaS Using Next.js and ZenStack's Access Control Policy

· 10 min read
Jiasheng
Co-founder of ZenStack

Cover Image

Almost all the SaaS now is collaborative, from the originator Salesforce to the newly emerging one like Notion. To make it collaborative, technically, we need to build the foundation to support tenant isolation with an access control policy. A classic challenge here is striking a balance between app security and dev productivity. ZenStack’s access policy provides an innovative way to achieve that balance using the declarative schema.