Ted Toth <txtoth@gmail.com> writes: > I'm trying to understand when RLS select policy is applied so I created the > follow to test but I don't understand why the query filter order is > different for the 2 queries can anyone explain?
The core reason why not is that the ~~ operator isn't considered leakproof. Plain text equality is leakproof, so it's safe to evaluate ahead of the RLS filter --- and we'd rather do so because the plpgsql function is assumed to be much more expensive than a built-in operator.
(~~ isn't leakproof because it can throw errors that expose information about the pattern argument.)
