On Tue, Jan 6, 2015 at 2:48 PM, Peter Geoghegan <p...@heroku.com> wrote: > On Tue, Jan 6, 2015 at 11:25 AM, Stephen Frost <sfr...@snowman.net> wrote: >> Looks reasonable to me. Amit, does this read better for you? If so, I >> can handle making the change to the docs. > > The docs also prominently say: > > "The security-barrier qualifications will always be evaluated prior to > any user-defined functions or user-provided WHERE clauses, while the > with-check expression will be evaluated against the rows which are > going to be added to the table. By adding policies to a table, a user > can limit the rows which a given user can select, insert, update, or > delete. This capability is also known as Row Level Security or RLS." > > I would prefer it if it was clearer based on the syntax description > which qual is which. The security barrier qual "expression" should > have an identifier/name in the syntax description that is more > suggestive of "security barrier qual", emphasizing its distinctness > from "check_expression". For example, I think "barrier_expression" > would be clearer.
I thought my rewrite clarified this distinction pretty well. Maybe I'm wrong? We're talking about the same paragraph. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers