Re: PostgreSQL - Mailing list pgsql-general

From Laurenz Albe
Subject Re: PostgreSQL
Date
Msg-id 5aec0a43c2e3d4c7be2d010b0e0684253cdb1f1e.camel@cybertec.at
Whole thread Raw
In response to Re: PostgreSQL  (Joseph Kennedy <joseph.kennedy.486@gmail.com>)
List pgsql-general
On Sun, 2023-04-02 at 23:21 +0200, Joseph Kennedy wrote:
> I have one more question on this topic regarding Row Level Security.
>
> I would like to hide some rows for users who should have full rights to database
> eg. create Index, drop table, create tabel etc. but e.g.  create index can be
> done by owner or superusers but they are bypassed by Row Level Security.
>
> Is possible to use RLS for users who should have full rights to database ?

If "full rights" implies dropping tables, the user must either be the owner
of these tables or a superuser.  You cannot use Row Level Security with a
superuser.  You can use ALTER TABLE ... FORCE ROW LEVEL SECURITY, so that
Row Level Security applies to the table owner as well, but you cannot keep
the owner from disabling that setting.

Yours,
Laurenz Albe



pgsql-general by date:

Previous
From: Arnaud Lesauvage
Date:
Subject: RE: Cannot terminate backend
Next
From: Laurenz Albe
Date:
Subject: Re: Question on creating keys on partitioned tables