Supported Versions: Current (16) / 15 / 14 / 13 / 12
Development Versions: devel
Unsupported versions: 11 / 10 / 9.6 / 9.5

53.38. pg_policy

The catalog pg_policy stores row-level security policies for tables. A policy includes the kind of command that it applies to (possibly all commands), the roles that it applies to, the expression to be added as a security-barrier qualification to queries that include the table, and the expression to be added as a WITH CHECK option for queries that attempt to add new records to the table.

Table 53.38. pg_policy Columns

Column Type

Description

oid oid

Row identifier

polname name

The name of the policy

polrelid oid (references pg_class.oid)

The table to which the policy applies

polcmd char

The command type to which the policy is applied: r for SELECT, a for INSERT, w for UPDATE, d for DELETE, or * for all

polpermissive bool

Is the policy permissive or restrictive?

polroles oid[] (references pg_authid.oid)

The roles to which the policy is applied; zero means PUBLIC (and normally appears alone in the array)

polqual pg_node_tree

The expression tree to be added to the security barrier qualifications for queries that use the table

polwithcheck pg_node_tree

The expression tree to be added to the WITH CHECK qualifications for queries that attempt to add rows to the table


Note

Policies stored in pg_policy are applied only when pg_class.relrowsecurity is set for their table.

Submit correction

If you see anything in the documentation that is not correct, does not match your experience with the particular feature or requires further clarification, please use this form to report a documentation issue.