| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Joe Conway <mail(at)joeconway(dot)com> |
| Cc: | Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: RLS related docs |
| Date: | 2016-09-15 18:33:31 |
| Message-ID: | CA+Tgmoae_C5=raLhuxEWAzdOdMA7d1k0JXsnyqZ5H2dZu9vTWg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sun, Aug 28, 2016 at 4:23 PM, Joe Conway <mail(at)joeconway(dot)com> wrote:
>>> For COPY, I think perhaps it would be more logical to put the new note
>>> immediately after the third note which describes the privileges
>>> required, since it's kind of related, and then we can talk about the
>>> RLS policies required, e.g.:
>>>
>>> If row-level security is enabled for the table, COPY table TO is
>>> internally converted to COPY (SELECT * FROM table) TO, and the
>>> relevant security policies are applied. Currently, COPY FROM is not
>>> supported for tables with row-level security.
>>
>> This sounds better than what I had, so I will do it that way.
>
> Apologies for the delay, but new patch attached. Assuming no more
> comments, will commit this, backpatched to 9.5, in a day or two.
I don't think this was ever committed, but my comment is that it seems
to be exposing rather more of the implementation than is probably
wise. Can't we say that SELECT policies will apply rather than saying
that it is internally converted to a SELECT?
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tomas Vondra | 2016-09-15 18:48:09 | Re: Vacuum: allow usage of more than 1GB of work mem |
| Previous Message | Robert Haas | 2016-09-15 18:32:32 | Re: RLS related docs |