Re: RLS Design

From: "Brightwell, Adam" <adam(dot)brightwell(at)crunchydatasolutions(dot)com>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com>, Craig Ringer <craig(at)2ndquadrant(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Yeb Havinga <yeb(dot)havinga(at)portavita(dot)nl>
Subject: Re: RLS Design
Date: 2014-07-18 23:01:13
Message-ID: CAKRt6CSAvMxf83eh88cu2crsQ9gibd=BumdhTHm2Wbym9KqHWg@mail.gmail.com
Lists: pgsql-hackers

>
> I think we do want a way to modify policies. However, we tend to
> avoid syntax that involves unnatural word order, as this certainly
> does. Maybe it's better to follow the example of CREATE RULE and
> CREATE TRIGGER and do something like this instead:
>
> CREATE POLICY policy_name ON table_name USING quals;
> ALTER POLICY policy_name ON table_name USING quals;
> DROP POLICY policy_name ON table_name;
>
> The advantage of this is that you can regard "policy_name ON
> table_name" as the identifier for the policy throughout the system.
> You need some kind of identifier of that sort anyway to support
> COMMENT ON, SECURITY LABEL, and ALTER EXTENSION ADD/DROP for policies.

Sounds good. I certainly think it makes a lot of sense to include the
ALTER functionality, if for no other reason than ease of use.

Another item to consider, though I believe it can come later, is per-action
policies. Following the above suggested syntax, perhaps that might look
like the following?

CREATE POLICY policy_name ON table_name FOR action USING quals;
ALTER POLICY policy_name ON table_name FOR action USING quals;
DROP POLICY policy_name ON table_name FOR action;

I was also giving some thought to the use of "POLICY", perhaps I am wrong,
but it does seem it could be at risk of becoming ambiguous down the road.
I can't think of any specific examples at the moment, but my concern is
what happens if we wanted to add another "type" of policy, whatever that
might be, later? Would it make more sense to go ahead and qualify this a
little more with "ROW SECURITY POLICY"?

Thanks,
Adam

--
Adam Brightwell - adam(dot)brightwell(at)crunchydatasolutions(dot)com
Database Engineer - www.crunchydatasolutions.com

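The policy syntax discussed above, written out as it later shipped in PostgreSQL 9.5 (FOR action, USING, WITH CHECK, and "policy_name ON table_name" as the identifier for ALTER, COMMENT and DROP). This is an added illustration, not code from this message or from the patch under discussion; the documents table and the auditor role are constructed for the example.

```sql
-- Constructed schema for the illustration.
CREATE ROLE auditor;

CREATE TABLE documents (
    id    serial PRIMARY KEY,
    owner text   NOT NULL DEFAULT current_user,
    body  text
);

-- Nothing is filtered until RLS is enabled on the table. Once enabled,
-- a table with no policies is default-deny for roles that do not bypass RLS.
ALTER TABLE documents ENABLE ROW LEVEL SECURITY;

-- Per-action policies. USING filters the rows an action may see;
-- WITH CHECK is applied to rows an action writes.
CREATE POLICY doc_select ON documents
    FOR SELECT
    USING (owner = current_user);

-- INSERT has no existing rows to filter, so it takes only WITH CHECK.
CREATE POLICY doc_insert ON documents
    FOR INSERT
    WITH CHECK (owner = current_user);

-- UPDATE needs both: USING chooses which rows may be updated,
-- WITH CHECK constrains the row as it looks after the update
-- (so a user cannot hand a row to someone else).
CREATE POLICY doc_update ON documents
    FOR UPDATE
    USING (owner = current_user)
    WITH CHECK (owner = current_user);

CREATE POLICY doc_delete ON documents
    FOR DELETE
    USING (owner = current_user);

-- "policy_name ON table_name" is the identifier for later commands,
-- as proposed in the quoted message.
ALTER POLICY doc_select ON documents
    USING (owner = current_user
           OR pg_has_role(current_user, 'auditor', 'MEMBER'));

COMMENT ON POLICY doc_select ON documents IS 'Owners and auditors may read';

-- In the released syntax DROP POLICY takes no FOR clause; the action
-- is part of the policy definition, not of its identifier.
DROP POLICY doc_delete ON documents;
```

Two caveats a practitioner should keep in mind when testing such policies: the table owner and superusers (and any role with BYPASSRLS) are not subject to these policies unless the table is altered with FORCE ROW LEVEL SECURITY, so a test run as the owner proves nothing; and in 9.5 all policies are permissive, meaning that several policies for the same command are combined with OR, so adding a second SELECT policy widens access rather than narrowing it.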