Re: [PATCH] Add pg_get_policy_ddl() function to reconstruct CREATE POLICY statement

From: Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com>
To: jian he <jian(dot)universality(at)gmail(dot)com>
Cc: Philip Alger <paalger0(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [PATCH] Add pg_get_policy_ddl() function to reconstruct CREATE POLICY statement
Date: 2025-10-16 11:47:22
Message-ID: CANxoLDeAqK9d5iC4Ou9GuyRfNGvXyAm1=cYysGKTTTpaUj1Gyw@mail.gmail.com
Lists: pgsql-hackers

On Thu, Oct 16, 2025 at 2:45 PM jian he <jian(dot)universality(at)gmail(dot)com> wrote:

> Hi. I still cannot compile your v2.
>
> ../../Desktop/pg_src/src1/postgres/src/backend/utils/adt/ruleutils.c:
> In function ‘get_formatted_string’:
>
> ../../Desktop/pg_src/src1/postgres/src/backend/utils/adt/ruleutils.c:13770:9:
> error: function ‘get_formatted_string’ might be a candidate for
> ‘gnu_printf’ format attribute [-Werror=suggest-attribute=format]
> 13770 | appendStringInfoVA(buf, fmt, args);
> | ^~~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors
>

I’m relatively new to PostgreSQL development. I’m working on setting up the
CI pipeline and will try to fix all warnings.

>
> Maybe you can register your patch on https://commitfest.postgresql.org/
> then it will run all CI tests on all kinds of OS.
>
> Row security policy qual and with_check_qual can contain sublink/subquery,
> but pg_get_expr cannot cope with sublink/subquery.
>
> see pg_get_expr comments below:
> * Currently, the expression can only refer to a single relation, namely
> * the one specified by the second parameter. This is sufficient for
> * partial indexes, column default expressions, etc. We also support
> * Var-free expressions, for which the OID can be InvalidOid.
>
> see commit 6867f96 and
>
> https://www.postgresql.org/message-id/flat/20211219205422.GT17618%40telsasoft.com
>
> I guess (because I can not compile, mentioned above):
> "ERROR: expression contains variables"
> can be triggered by the following setup:
>
> create table t(a int);
> CREATE POLICY p1 ON t AS RESTRICTIVE FOR ALL
> USING (a IS NOT NULL AND (SELECT 1 = 1 FROM pg_rewrite WHERE
> pg_get_function_arg_default(ev_class, 1) !~~ pg_get_expr(ev_qual, 0,
> false)));
> SELECT pg_get_policy_ddl('t', 'p1', true);
>

The above example works fine with my patch
[image: Screenshot 2025-10-16 at 5.08.10 PM.png]

>
> You can also check my patch at
> https://commitfest.postgresql.org/patch/6054/
> which similarly needs to build the POLICY definition for reconstruction.
>
> see RelationBuildRowSecurity, checkExprHasSubLink also.
>
