[HACKERS] RLS policy not getting honored while pg_dump on declarative partition - Mailing list pgsql-hackers

From Rushabh Lathia
Subject [HACKERS] RLS policy not getting honored while pg_dump on declarative partition
Msg-id CAGPqQf1+teEvS4NF8teabN+Q-e4S=pE=Ty_rGO5kA0ZcXTeCSg@mail.gmail.com
Responses Re: [HACKERS] RLS policy not getting honored while pg_dump on declarative partition  (Stephen Frost <sfrost@snowman.net>)
List pgsql-hackers
While doing some testing I noticed that the RLS policy is not being honored
while running pg_dump on a declarative partition.

I can understand that while doing a SELECT on an individual child
table, the policy of the parent is not getting applied. But is this desirable
behaviour? I think for partitions, any policy on the root table should
get redirected to the child. Thoughts?

If the current behaviour is desirable then at least we should document this.

Consider the below test:

\c postgres rushabh

CREATE USER rls_test_user1;

CREATE TABLE tp_sales
(
    visibility         VARCHAR(30),
    sales_region       VARCHAR(30)
) PARTITION BY LIST (sales_region);

create table tp_sales_p_india  partition of tp_sales for values in ('INDIA');
create table tp_sales_p_rest  partition of tp_sales for values in ('REST');

insert into tp_sales values ( 'hidden', 'INDIA');
insert into tp_sales values ( 'visible', 'INDIA');
insert into tp_sales values ( 'hidden', 'REST');
insert into tp_sales values ( 'visible', 'REST');

GRANT SELECT ON tp_sales to rls_test_user1;
GRANT SELECT ON tp_sales_p_india to rls_test_user1;
GRANT SELECT ON tp_sales_p_rest to rls_test_user1;

ALTER TABLE tp_sales ENABLE ROW LEVEL SECURITY;

CREATE POLICY dump_p1 ON tp_sales FOR ALL USING (visibility = 'visible');

\c - rls_test_user1

-- SELECT honours the policy
SELECT * FROM tp_sales;

When we run pg_dump as user rls_test_user1, we can see the hidden
rows in the pg_dump output.

./db/bin/pg_dump -U rls_test_user1 postgres --inserts

Attaching the dump output.


Thanks,
Rushabh Lathia
www.EnterpriseDB.com
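The following is an added example, not part of the original post or of PostgreSQL's own code, that reproduces the behaviour described above and then closes the gap. It uses assumed role and table names (rls_demo_user, sales, sales_india, sales_rest, sales_visible) rather than the names from the report. The point it demonstrates is that a row-level security policy belongs to one table: a policy on the partitioned parent filters queries against the parent, but a partition is a separate table, so a direct SELECT on it (which is what pg_dump does when it reads partition data) sees every row unless that partition has RLS enabled and a policy of its own. The catalog query at the end is the check a practitioner would run to find partitions that are missing either.

```sql
-- Added example (not from the original post). Run as a superuser, then
-- SET ROLE to a non-owner, because superusers and table owners bypass RLS.
-- Role and table names are assumptions chosen for this example.
CREATE ROLE rls_demo_user LOGIN;

CREATE TABLE sales (
    visibility   text,
    sales_region text
) PARTITION BY LIST (sales_region);

CREATE TABLE sales_india PARTITION OF sales FOR VALUES IN ('INDIA');
CREATE TABLE sales_rest  PARTITION OF sales FOR VALUES IN ('REST');

-- Constructed sample rows: one hidden and one visible row per partition.
INSERT INTO sales VALUES
    ('hidden',  'INDIA'), ('visible', 'INDIA'),
    ('hidden',  'REST'),  ('visible', 'REST');

GRANT SELECT ON sales, sales_india, sales_rest TO rls_demo_user;

-- Step 1: policy on the parent only, the configuration from the report.
ALTER TABLE sales ENABLE ROW LEVEL SECURITY;
CREATE POLICY sales_visible ON sales FOR ALL USING (visibility = 'visible');

SET ROLE rls_demo_user;
-- Querying through the parent: the policy filters out the 'hidden' rows.
SELECT * FROM sales ORDER BY sales_region, visibility;
-- Querying a partition directly: the parent's policy does not apply and
-- the 'hidden' rows come back. This is the path pg_dump takes for partition data.
SELECT * FROM sales_india ORDER BY visibility;
RESET ROLE;

-- Step 2: RLS is per table, so enable it and attach an equivalent policy
-- to every partition as well as to the parent.
ALTER TABLE sales_india ENABLE ROW LEVEL SECURITY;
ALTER TABLE sales_rest  ENABLE ROW LEVEL SECURITY;
CREATE POLICY sales_visible ON sales_india FOR ALL USING (visibility = 'visible');
CREATE POLICY sales_visible ON sales_rest  FOR ALL USING (visibility = 'visible');

SET ROLE rls_demo_user;
-- The direct partition query is now filtered like the parent query.
SELECT * FROM sales_india ORDER BY visibility;
RESET ROLE;

-- Check: list partitions of sales that still have RLS disabled or no policy.
-- An empty result means every partition is covered.
SELECT c.oid::regclass AS partition,
       c.relrowsecurity  AS rls_enabled,
       (SELECT count(*) FROM pg_policy p WHERE p.polrelid = c.oid) AS policy_count
FROM   pg_inherits i
JOIN   pg_class    c ON c.oid = i.inhrelid
WHERE  i.inhparent = 'sales'::regclass
  AND  (NOT c.relrowsecurity
        OR NOT EXISTS (SELECT 1 FROM pg_policy p WHERE p.polrelid = c.oid));
```

Two caveats when re-running the pg_dump test after step 2. By default pg_dump sets row_security to off and refuses to dump a table whose rows RLS would filter, so a dump as rls_demo_user will now fail on the partitions rather than silently include the hidden rows; passing --enable-row-security makes pg_dump run with row_security on and dump only the rows the policies allow. New partitions added later start with RLS disabled and no policies, so the catalog check above belongs in whatever process creates partitions.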

