Why store this as a massivejsonb blob instead of a table? How do we plan on efficiently getting a list of all templates the user has access to?

It's basically the same way everything else is done. You get a list of all the templates and then you filter it through the auth filter for the subset of templates that you have access to. Just wrote a test for thishere

For workspaces, itkinda does this, but we still query by the owner so it's lessened significantly.

I guess the use-case I have in mind is 10 templates with 10 users on each... for every HTTP request we'll load 100 entries into memory and check against them? That sounds like a lot of excess when we could (I don't see why not, but maybe there's a reason) have a table that just has the user ID indexed...

The memory overhead is unfortunate but this way plays better with rego is the short answer. We can look into rewriting it if you think it's a showstopper, I'm not sold onjsonb but joining tables doesn't play well with sqlc either so the maintainability of the code might suffer as a result of trying to glue everything together.

is_ isn't necessary here

Deleted should beDelete in this name pattern

Why can't this be done withsqlc instead?

because it exposes ajson.RawMessage through the API. I wanted to preserve type safety as much as possible since we can't enforce the jsonb structure in the DB

I'm not convinced we should escape sqlc here... this function is only used once, so why not just do the struct conversion where it's queried from instead?

there's unfortunately multiple problems when I tried to write this withsqlc. One is that it didn't recognize the intermediatevalue column in the subquery. When I tried to jank around that the resulting return type was wildly different than what I tried to express 😞