Can row level security policies also be implemented for views?

From: Caleb Meredith <calebmeredith8(at)gmail(dot)com>
To:
Cc: "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org>
Subject: Can row level security policies also be implemented for views?
Date: 2015-11-24 20:30:11
Message-ID: CABFpK61qMeiVwrFOBU0L=sXqi7X1T_029_a1VbgicxtT_utT3A@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

I'm developing an application where strict control of my data is important.
Views allow me to build a strict custom reading experience, allowing me to
add computed columns and hide private and metadata columns. Row level
security allows me strict write control of my data. However, I can't use
both technologies together, why?

It seems easy conceptually, RLS just adds a WHERE clause to queries if I'm
not mistaken, and conceptually a view is just a query. The CURRENT_USER
issue is valid, but personally it's not too big for me as most auth is done
through database parameters.

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Chris Richards 2015-11-24 20:48:46 Re: What could cause CREATE TEMP... "could not read block" error?
Previous Message Bruce Momjian 2015-11-24 20:04:12 Re: Problems with pg_upgrade after change of unix user running db.