Handle policies during DROP OWNED BY DROP OWNED BY handled GRANT-based ACLs but was not removing roles from policies. Fix that by having DROP OWNED BY remove the role specified from the list of roles the policy (or policies) apply to, or the entire policy (or policies) if it only applied to the role specified.
As with ACLs, the DROP OWNED BY caller must have permission to modify the policy or a WARNING is thrown and no change is made to the policy. Branch ------ master Details ------- http://git.postgresql.org/pg/commitdiff/833728d4c8832f1d37e7aeaa723c8bc4045df32e Modified Files -------------- src/backend/catalog/pg_shdepend.c | 13 ++ src/backend/commands/policy.c | 256 +++++++++++++++++++++++++++++ src/include/commands/policy.h | 2 + src/test/regress/expected/rowsecurity.out | 14 ++ src/test/regress/sql/rowsecurity.sql | 18 ++ 5 files changed, 303 insertions(+) -- Sent via pgsql-committers mailing list (pgsql-committers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers