Postgres Pro
Downloads
Home   >   mailing lists

Re: [GENERAL] Row level security policy - calling function for right hand side value of 'in' in using_expression - Mailing list pgsql-general

From Tom Lane
Subject Re: [GENERAL] Row level security policy - calling function for right hand side value of 'in' in using_expression
Date
Msg-id 24255.1486102459@sss.pgh.pa.us
Whole thread Raw
In response to [GENERAL] Row level security policy - calling function for right hand sidevalue of 'in' in using_expression  (Jong-won Choi <jongwon@ticketsquad.com>)
Responses Re: [GENERAL] Row level security policy - calling function for righthand side value of 'in' in using_expression  (Jong-won Choi <jongwon@ticketsquad.com>)
List pgsql-general
Tree view 
Jong-won Choi <jongwon@ticketsquad.com> writes:
> I have a RLS policy definition like:
>          CREATE POLICY promoter_policy ON Agency
>          USING (promoter in build_valid_promoter_list())
>          WITH CHECK (promoter in build_valid_promoter_list());

That's failing basic SQL expression syntax: the RHS of "IN" has
to be a parenthesized sub-select or array value.  You'd have better
luck with (promoter in (select * from build_valid_promoter_list()))
... syntax-wise, at least.  I'm not sure if we allow sub-selects
in RLS conditions.

Personally I'd write that more like
    USING (check_valid_promoter(promoter))
with that function being defined in the obvious way.  There's little
reason to enumerate the entire set of valid promoters if you only
need to find out whether one specific value is one.

            regards, tom lane

pgsql-general by date:

Previous
From: Jong-won Choi
Date:
Subject: [GENERAL] Row level security policy - calling function for right hand sidevalue of 'in' in using_expression
Next
From: Andreas Joseph Krogh
Date:
Subject: Re: [GENERAL] RUM-index and support for storing BIGINT as part of a tsvector+timestamp