Hey Daniel (are you from Spain BTW? I am!),
I’m not from Plasmic team, just a new excited user of Plasmic, so I hope I don’t make any mistakes.
Yes, RLS is only available through the API/SDK. As Plasmic does a direct connection we have to treat it as a normal database (it’s a bit unfortunate tbh).
Apart from hiding it, you can limit who or which roles can perform the data operation. You can watch it in the final part of the “Users logins and permissions” video: https://youtu.be/hVzqjtkcEyk?t=206
As far as I’ve understood, when you use the Supabase auth integration with Plasmic from that template, what it does under the hood is it creates a “Plasmic auth” user for every user created in Supabase. That way you still use Supabase auth but you can use the normal User, Roles, Permissions… that Plasmic offers (this is my interpretation, take it with a pinch of salt and hopefully someone from the team can confirm/clarify).
You can learn more about how it works in this doc: Auth integration | Learn Plasmic (even though it explains what we would have to install and how if we didn’t clone the template, it also describes the internal inner workings of the solution).
I really really hope they step up their Supabase integration with the SDK and without having to create a custom project, etc. That and charts are their only weak spots for me that Plasmic has. But it is my favorite lowcode solution after extensive research.
Hope that helps. Cheers!