On 10/30/2013 10:50 AM, Tom Lane wrote:
> Craig Ringer <craig@2ndquadrant.com> writes:
>> > I'd kind of like to see FK constraints affected by RLS for
>> > non-superusers, at least as an option.
> I think that's a complete nonstarter. Aside from the fact that such a
> constraint will have no definable semantics, even the possibility that a
> constraint doesn't mean what it appears to mean will prevent us from
> making use of FK constraints for optimization --- something that's
> pretty high on the planner to-do list.
Good point. That's another good argument for FK constraints to disregard
RLS. In which case, is there actually any way to determine when an SPI
query is being invoked directly from an FK constraint? We'll need a way
to tell so RLS can skip adding the row-security check predicate.
Users who want FK-constraint-like behaviour can DIY with triggers,
getting whatever behaviour they need in the face of RLS.
-- Craig Ringer http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, Training & Services