Sorry if that might be a dumb question, but does R...
# help
p
Sorry if that might be a dumb question, but does RLS work for views?
g
I don't think so. You might be able to use an RPC function though to return a "secure" table. You also can add a where clause to the view with some checks.
c
It actually depends on what you mean by "work for views". The answer is NOT simple, but it is roughly this:
- you CANNOT define RLS on a view;
- a view is always executed in the context of the postgres role which defined the view;
- a view will still respect the RLS defined on the underlying table AS LONG AS the role which defined the view does NOT bypass RLS altogether (such roles are superusers and roles that have the BYPASSRLS permission - this is true for the user in the Supabase SQL editor, so if you define views there, they will NOT respect RLS).

"You also can add a where clause to the view with some checks." - this is definitely an option, just keep in mind that this approach usually requires you to mark the view with a security_barrier (you can read more about it here: https://www.postgresql.org/docs/13/rules-privileges.html).