On 14 September 2014 16:38, Stephen Frost <sfr...@snowman.net> wrote:
> * Robert Haas (robertmh...@gmail.com) wrote:
> > On Thu, Sep 11, 2014 at 3:08 PM, Stephen Frost <sfr...@snowman.net> wrote:
> > > If we want to be able to disable RLS w/o dropping the policies, then I
> > > think we have to completely de-couple the two and users would then have
> > > both add policies AND turn on RLS to have RLS actually be enabled for a
> > > given table. I'm on the fence about that.
> > >
> > > Thoughts?
> >
> > A strong +1 for doing just that.
>
> Alright, updated patch attached which does just that (thanks to Adam
> for the updates for this and testing pg_dump- I just reviewed it and
> added some documentation updates and other minor improvements), and
> rebased to master. Also removed the catversion bump, so it should apply
> cleanly for people, for a while anyway.
>

This is testing what has been committed:

# create table colours (id serial, name text, visible boolean);
CREATE TABLE

# insert into colours (name, visible) values ('blue',true),('yellow',true),('ultraviolet',false),('green',true),('infrared',false);
INSERT 0 5

# create policy visible_colours on colours for all to joe using (visible = true);
CREATE POLICY

# grant all on colours to public;
GRANT

# grant all on sequence colours_id_seq to public;
GRANT

# alter table colours enable row level security ;
ALTER TABLE

\c - joe

> select * from colours;
 id |  name  | visible
----+--------+---------
  1 | blue   | t
  2 | yellow | t
  4 | green  | t
(3 rows)

> insert into colours (name, visible) values ('purple',true);
INSERT 0 1

> insert into colours (name, visible) values ('transparent',false);
ERROR:  new row violates WITH CHECK OPTION for "colours"
DETAIL:  Failing row contains (7, transparent, f).

> select * from pg_policies ;
   policyname    | tablename | roles | cmd |       qual       | with_check
-----------------+-----------+-------+-----+------------------+------------
 visible_colours | colours   | {joe} | ALL | (visible = true) |
(1 row)

There was no WITH CHECK OPTION.

--
Thom