The following bug has been logged on the website:
Bug reference: 13694
Logged by: Justin Catterson
Email address: justin.catterson@sofiebio.com
PostgreSQL version: 9.5beta1
Operating system: Ubuntu 14.10 x64
Description:
Users with the CREATEUSER permission do not evaluate Row Level Security
functions. pg_user usebypassrls is set to false.
To repeat:
CREATE POLICY ... WITH CHECK ((Select myFunction()))
CREATE USER my_user;
ALTER USER my_user WITH CREATEUSER;
Have myFunction() return a result of False;
Update a record belonging to policy.
Record will successfully update, when it should fail.
ALTER USER my_user WITH NOCREATEUSER;
Update a record belonging to policy.
Record will fail as expected.