* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> Stephen Frost <sfrost@snowman.net> writes:
> > As we don't want to end up with the same behavior-change-due-to-GUC that
> > we had with the original row_security implementation, we should change
> > the code as your patch does and update the regression tests accordingly.
>
> I think probably the tests need some adjustment rather than just stuffing
> in the new results; but I'm unsure what's most appropriate.
Right, the comments, at least, need to be updated to be correct.
> > Perhaps the error code thrown could be tailored a bit when it's the
> > owner, to indicate that FORCE RLS has been set on the table, but I'm not
> > sure it's really a big deal either way.
>
> Yeah, the error message seemed less than apropos to me too; but on the
> other hand there's an argument that FORCE RLS means "treat me just like
> everybody else".
Agreed.
> One idea would be to use the same primary error message either way,
> but add a DETAIL or HINT mentioning FORCE RLS if it's the table owner.
Having a detail or hint which indicates that seems like a great approach
to me.
Thanks!
Stephen