On 2014-10-17 14:57:03 +0800, Craig Ringer wrote:
> On 10/17/2014 02:49 AM, Robert Haas wrote:
> > I think you could probably make the DELETE policy control what can get
> > deleted, but then have the SELECT policy further filter what gets
> > returned.
>
> That seems like the worst of both worlds to me.
>
> Suddenly DELETE ... RETURNING might delete more rows than it reports a
> resultset for. As well as being potentially dangerous for people using
> it in wCTEs, etc, to me that's the most astonishing possible outcome of all.
>
> I'd be much happier with even:
>
> ERROR: RETURNING not permitted with SELECT row-security policy
FWIW, that doesn't sound acceptable to me.
Greetings,
Andres Freund
-- Andres Freund http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, Training &
Services
