Re: RLS related docs

On 09/15/2016 02:34 PM, Joe Conway wrote:
> On 09/15/2016 01:33 PM, Robert Haas wrote:
>> On Sun, Aug 28, 2016 at 4:23 PM, Joe Conway <mail(at)joeconway(dot)com> wrote:
>>>>> For COPY, I think perhaps it would be more logical to put the new note
>>>>> immediately after the third note which describes the privileges
>>>>> required, since it's kind of related, and then we can talk about the
>>>>> RLS policies required, e.g.:
>>>>>
>>>>> If row-level security is enabled for the table, COPY table TO is
>>>>> internally converted to COPY (SELECT * FROM table) TO, and the
>>>>> relevant security policies are applied. Currently, COPY FROM is not
>>>>> supported for tables with row-level security.
>>>>
>>>> This sounds better than what I had, so I will do it that way.
>>>
>>> Apologies for the delay, but new patch attached. Assuming no more
>>> comments, will commit this, backpatched to 9.5, in a day or two.
>>
>> I don't think this was ever committed, but my comment is that it seems
>> to be exposing rather more of the implementation than is probably
>> wise. Can't we say that SELECT policies will apply rather than saying
>> that it is internally converted to a SELECT?

Committed that way, backpatched to 9.5.

Joe

--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development