Home > mailing lists

Re: [COMMITTERS] pgsql: Row-Level Security Policies (RLS) - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: [COMMITTERS] pgsql: Row-Level Security Policies (RLS)
Date	May 26, 2015 16:08:05
Msg-id	20150526130800.GA26667@tamriel.snowman.net Whole thread Raw
In response to	Re: [COMMITTERS] pgsql: Row-Level Security Policies (RLS) (Alvaro Herrera <alvherre@2ndquadrant.com>)
Responses	Re: [COMMITTERS] pgsql: Row-Level Security Policies (RLS)
List	pgsql-hackers

Tree view

Alvaro,

* Alvaro Herrera (alvherre@2ndquadrant.com) wrote:
> What do we need RowSecurityPolicy->policy_id for?  It seems to me that
> it is only used to determine whether the policy is the "default deny"
> one, so that it can later be removed if a hook adds a different one.
> This seems contrived as well as under-documented.  Why isn't a boolean
> flag sufficient?

Thanks for taking a look!

It's also used during relcache updates (see equalPolicy()).  That wasn't
originally the case (I had missed adding the necessary bits to relcache
in the original patch), but I wouldn't want to remove that piece now
and, given that it's there, using InvalidOid to indicate when it's the
default-deny policy (and therefore this is no actual Oid) seems
sensible.
Thanks again!
    Stephen

pgsql-hackers by date:

From: Andrew Dunstan
Date: 26 May 2015, 15:55:33
Subject: Re: PostgreSQL 8.3 index page count clarification

From: Tom Lane
Date: 26 May 2015, 17:23:15
Subject: Re: Order of columns in query is important?!

Re: [COMMITTERS] pgsql: Row-Level Security Policies (RLS) - Mailing list pgsql-hackers

Previous

Next