RLS - permissive vs restrictive - Mailing list pgsql-hackers

From Thom Brown
Subject RLS - permissive vs restrictive
Date
Msg-id CAA-aLv691PYv2cwT6-aiDbBaRo0+3fpAcktK2VCM4iPX1hAobw@mail.gmail.com
Whole thread Raw
Responses Re: RLS - permissive vs restrictive
List pgsql-hackers
Hi,

It appears that I'm not the only person who finds it somewhat
unintuitive for overlapping RLS policies to be permissive rather than
restrictive (OR vs AND) (at least 3 others seem to expect AND
behaviour), although I understand the reasoning behind
it.  And I've since discovered that the same feature in another
database system uses the latter rather than the former.

I posted a brain coredump of my thoughts on the matter on Depesz's
blog (http://www.depesz.com/2014/10/02/waiting-for-9-5-row-level-security-policies-rls/#comment-187800)
and I was wondering if there's a future in allowing both systems.  The
syntax is less important than the functionality, where restrictive
policies would be AND'd, permissive policies would (like they
currently do) be OR'd, and a combination would involve all restrictive
plus at least one permissive (i.e. restr1 AND restr2 AND (perm3 OR
perm4)).

I'm just interested to know what others' thoughts on the matter are.

Thom



pgsql-hackers by date:

Previous
From: Craig Ringer
Date:
Subject: Re: Feasibility of supporting bind params for all command types
Next
From: Marti Raudsepp
Date:
Subject: Re: INSERT ... ON CONFLICT {UPDATE | IGNORE}