| From: | jian he <jian(dot)universality(at)gmail(dot)com> |
|---|---|
| To: | Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> |
| Cc: | Viktor Holmberg <v(at)viktorh(dot)net>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Docs and tests for RLS policies applied by command type |
| Date: | 2025-11-06 02:45:58 |
| Message-ID: | CACJufxEm2WdvtpsVjKG8hE6R=JKaibbwog62vnzeM=CVp=d2Tg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, Nov 3, 2025 at 7:22 PM Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> wrote:
>
> Yeah, reading through the text on that page in more detail, there are
> a number of other omissions, or places that aren't quite fully
> correct, so I've gone through those and attempted to improve things.
>
> Also, I think it would be better if the table made the distinction
> between policy checks that just filter out rows, without throwing an
> error, and checks that do cause an error to be thrown.
>
> v4 attached.
>
some of the <literal> can be replaced by <command>, for example:
+ A <literal>MERGE</literal> command requires <literal>SELECT</literal>
+ permissions on both the source and target relations, and so each
currently the visual appearance is the same, I guess it's not a big deal.
(Table 300. Policies Applied by Command Type) is way more intuitive.
overall looks good to me.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | John Naylor | 2025-11-06 02:59:50 | Re: GiST README typos |
| Previous Message | Shinya Kato | 2025-11-06 02:29:31 | Re: Logical Replication of sequences |