Thread: RLS bug?

Example session, from master branch:

postgres=# create table rowtest (key int4 primary key, val text);
CREATE TABLE
postgres=# alter table rowtest enable row level security;
ALTER TABLE
postgres=# create role bob;
CREATE ROLE
postgres=# CREATE POLICY test ON rowtest
    FOR INSERT
    TO bob
    WITH CHECK (key % 3 = 0 );
CREATE POLICY
postgres=# CREATE POLICY test2 ON rowtest
    FOR UPDATE
    TO bob
    WITH CHECK (key % 2 = 0 );
CREATE POLICY
postgres=# \d rowtest
    Table "public.rowtest"
 Column |  Type   | Modifiers
--------+---------+-----------
 key    | integer | not null
 val    | text    |
Indexes:
    "rowtest_pkey" PRIMARY KEY, btree (key)
Policies:
    POLICY "test" FOR INSERT
      TO bob
      WITH CHECK ((key % 3) = 0)
    POLICY "test2"
      TO bob
      WITH CHECK ((key % 2) = 0)


Why is the policy "test2" not listed as applying only "FOR UPDATE"? If
this is the intended behavior, it is not consistent with the
documentation, which states: "Using UPDATE for a policy means that it
will apply to UPDATE commands".
--
Peter Geoghegan

Peter,

* Peter Geoghegan (pg@heroku.com) wrote:
> Why is the policy "test2" not listed as applying only "FOR UPDATE"? If
> this is the intended behavior, it is not consistent with the
> documentation, which states: "Using UPDATE for a policy means that it
> will apply to UPDATE commands".

Yeah, that looks like an issue..  I'll look into it.

    Thanks!

        Stephen

Peter,

* Peter Geoghegan (pg@heroku.com) wrote:
> Why is the policy "test2" not listed as applying only "FOR UPDATE"? If
> this is the intended behavior, it is not consistent with the
> documentation, which states: "Using UPDATE for a policy means that it
> will apply to UPDATE commands".

It wasn't intentional and I had been meaning to get to it, but Tom beat
me to it.  master now handles this correctly.

    Thanks!

        Stephen