| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Jong-won Choi <jongwon(at)ticketsquad(dot)com> |
| Cc: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Row level security policy - calling function for right hand side value of 'in' in using_expression |
| Date: | 2017-02-03 06:14:19 |
| Message-ID: | 24255.1486102459@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Jong-won Choi <jongwon(at)ticketsquad(dot)com> writes:
> I have a RLS policy definition like:
> CREATE POLICY promoter_policy ON Agency
> USING (promoter in build_valid_promoter_list())
> WITH CHECK (promoter in build_valid_promoter_list());
That's failing basic SQL expression syntax: the RHS of "IN" has
to be a parenthesized sub-select or array value. You'd have better
luck with (promoter in (select * from build_valid_promoter_list()))
... syntax-wise, at least. I'm not sure if we allow sub-selects
in RLS conditions.
Personally I'd write that more like
USING (check_valid_promoter(promoter))
with that function being defined in the obvious way. There's little
reason to enumerate the entire set of valid promoters if you only
need to find out whether one specific value is one.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andreas Joseph Krogh | 2017-02-03 08:29:56 | Re: RUM-index and support for storing BIGINT as part of a tsvector+timestamp |
| Previous Message | Jong-won Choi | 2017-02-03 05:24:39 | Row level security policy - calling function for right hand side value of 'in' in using_expression |