🥳 Happy New Year 🥳

Wish you all enjoyed the holidays and are having a great start of 2025!

New Features

• Field encryption 🔑

  Thanks @genu for implementing this much-desired (preview) feature! This feature allows you to mark fields with the @encrypted attribute and create an enhanced PrismaClient that transparently encrypt/decrypt the field values. See how to use it here.

• New attribute functions for access policies:

  • currentModel(): return the name of the model for which the policy rule is defined.
  • currentOperation(): return the operation for which the policy rule is defined for.

  These functions are handy for implementing fine-grained RBAC where users are assigned permissions for specific resources and operations. E.g.:

  model Resource {
      ...
      owner User @relation(...)
      @@allow('all', 
          owner.roles?[
              permissions?[resource == currentModel() && action == currentOperation()
      ]])
  }

Fixes and Improvements

• [openapi] generate "id" field type according to its declared type in ZModel #1908
• [zmodel] check for cyclic model inheritance and report errors
• [delegate] fixed incorrect injection when check() function is used with delegate models #1930
• [delegate] fixed errors when selecting "_count" of relation fields defined in delegate base models #1467
• [rest-api] return an empty object response with status 200 for "DELETE" route #1668
• [delegate] don't inherit @@schema attribute from base if the attribute is already defined in a sub model #1647

Full Changelog: v2.10.2...v2.11.0