Re: RLS related docs

On 09/15/2016 01:33 PM, Robert Haas wrote:
> On Sun, Aug 28, 2016 at 4:23 PM, Joe Conway <mail(at)joeconway(dot)com> wrote:
>>>> For COPY, I think perhaps it would be more logical to put the new note
>>>> immediately after the third note which describes the privileges
>>>> required, since it's kind of related, and then we can talk about the
>>>> RLS policies required, e.g.:
>>>>
>>>> If row-level security is enabled for the table, COPY table TO is
>>>> internally converted to COPY (SELECT * FROM table) TO, and the
>>>> relevant security policies are applied. Currently, COPY FROM is not
>>>> supported for tables with row-level security.
>>>
>>> This sounds better than what I had, so I will do it that way.
>>
>> Apologies for the delay, but new patch attached. Assuming no more
>> comments, will commit this, backpatched to 9.5, in a day or two.
>
> I don't think this was ever committed, but my comment is that it seems
> to be exposing rather more of the implementation than is probably
> wise. Can't we say that SELECT policies will apply rather than saying
> that it is internally converted to a SELECT?

I've not committed it yet because I was going to look into the new info
Dean mentioned first. Seems like your wording is fine, so will make that
change.

Joe

--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development