The following documentation comment has been logged on the website:
Page: https://www.postgresql.org/docs/10/static/ddl-rowsecurity.html
Description:
PostgreSQL 10
https://www.postgresql.org/docs/10/static/ddl-rowsecurity.html
cite
To use a different policy for rows that are being added to the table
compared to those rows that are visible, the WITH CHECK clause can be used.
This policy would allow all users to view all rows in the users table, but
only modify their own:
CREATE POLICY user_policy ON users
USING (true)
WITH CHECK (user_name = current_user);
end cite
This is is wrong description. Every one can steal other row with such
policy. Lets demonstrate.
You are now connected to database "olleg" as user "olleg".
olleg@[local]:9700/olleg
=> create table users (user_name text primary key, description text);
CREATE TABLE
olleg@[local]:9700/olleg
=> ALTER TABLE users ENABLE ROW LEVEL SECURITY;
ALTER TABLE
olleg@[local]:9700/olleg
=> grant all on users to public;
GRANT
=> CREATE POLICY user_policy ON users
-> USING (true)
-> WITH CHECK (user_name = current_user);
CREATE POLICY
olleg@[local]:9700/olleg
=> insert into users (user_name) values ('olleg');
INSERT 0 1
olleg@[local]:9700/olleg
=> set role postgres;
SET
olleg@[local]:9700/olleg
=# create user test with password 'test' login;
CREATE ROLE
=# \c olleg test localhost 9700
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384,
bits: 256, compression: off)
You are now connected to database "olleg" as user "test" on host "localhost"
at port "9700".
test@localhost:9700/olleg
=> select * from users;
user_name | description
-----------+-------------
olleg |
(1 row)
test@localhost:9700/olleg
=> update users set user_name='test', description='a rude hack';
UPDATE 1
test@localhost:9700/olleg
=> select * from users;
user_name | description
-----------+-------------
test | a rude hack
(1 row)
