On 17 October 2014 07:57, Craig Ringer <cr...@2ndquadrant.com> wrote:
> On 10/17/2014 02:49 AM, Robert Haas wrote: > > I think you could probably make the DELETE policy control what can get > > deleted, but then have the SELECT policy further filter what gets > > returned. > > That seems like the worst of both worlds to me. > > Suddenly DELETE ... RETURNING might delete more rows than it reports a > resultset for. As well as being potentially dangerous for people using > it in wCTEs, etc, to me that's the most astonishing possible outcome of > all. > > I'd be much happier with even: > > ERROR: RETURNING not permitted with SELECT row-security policy > > than this. > +1 This suggestion is most in line with what I would expect to occur. Thom