Home > mailing lists

Re: RLS Design - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: RLS Design
Date	September 19, 2014 19:32:35
Msg-id	20140919163230.GG16422@tamriel.snowman.net Whole thread Raw
In response to	Re: RLS Design (Thom Brown <thom@linux.com>)
Responses	Re: RLS Design (Thom Brown <thom@linux.com>)
List	pgsql-hackers

Tree view

Thom,

Thanks!

* Thom Brown (thom@linux.com) wrote:
> On 14 September 2014 16:38, Stephen Frost <sfrost@snowman.net> wrote:
> # create policy visible_colours on colours for all to joe using (visible =
> true);
> CREATE POLICY
[...]
> > insert into colours (name, visible) values ('transparent',false);
> ERROR:  new row violates WITH CHECK OPTION for "colours"
> DETAIL:  Failing row contains (7, transparent, f).
>
> > select * from pg_policies ;
>    policyname    | tablename | roles | cmd |       qual       | with_check
> -----------------+-----------+-------+-----+------------------+------------
>  visible_colours | colours   | {joe} | ALL | (visible = true) |
> (1 row)
>
> There was no WITH CHECK OPTION.

As I hope is clear if you look at the documentation- if the WITH CHECK
clause is omitted, then the USING clause is used for both filtering and
checking new records, otherwise you'd be able to add records which
aren't visible to you.
Thanks!
    Stephen

pgsql-hackers by date:

From: Thom Brown
Date: 19 September 2014, 19:30:07
Subject: Re: RLS Design

From: Stephen Frost
Date: 19 September 2014, 19:38:42
Subject: Re: RLS Design

Re: RLS Design - Mailing list pgsql-hackers

Previous

Next