Perform RLS WITH CHECK before constraints, etc
The RLS capability is built on top of the WITH CHECK OPTION
system which was added for auto-updatable views, however, unlike
WCOs on views (which are mandated by the SQL spec to not fire until
after all other constraints and checks are done), it
Fix file comment for test_rls_hooks.c
The file-level comment wasn't updated when it was copied from the shared
memory queue test module. Fixed.
Noted by Dean Rasheed.
Branch
--
master
Details
---
http://git.postgresql.org/pg/commitdiff/410cbfd6dd778e8f388fd0d7ee9d84f833700da5
* Stephen Frost (sfr...@snowman.net) wrote:
RLS fixes, new hooks, and new test module
Looks like the buildfarm is unhappy with this.. On first blush, I
believe the installcheck path isn't loading the module from the config
file.. Looking into it.
Thanks,
Stephen
Fix installcheck for test_rls_hooks
As pointed out by the buildfarm, test_rls_hooks wasn't functioning
properly with a clean installcheck. test_rls_hooks needs to explicitly
load the library with the hooks in it, to allow installcheck to work;
using the --temp-config doesn't help since that
Pull in tableoid for inheiritance with rowMarks
As noted by Etsuro Fujita [1] and Dean Rasheed[2],
cb1ca4d800621dcae67ca6c799006de99fa4f0a5 changed ExecBuildAuxRowMark()
to always look for the tableoid in the target list, but didn't also
change preprocess_targetlist() to always include the
RLS fixes, new hooks, and new test module
In prepend_row_security_policies(), defaultDeny was always true, so if
there were any hook policies, the RLS policies on the table would just
get discarded. Fixed to start off with defaultDeny as false and then
properly set later if we detect that only
Fix typo in relcache's equalPolicy()
The USING policies were not being checked for differences as the same
policy was being passed in to both sides of the equal(). This could
result in backends not realizing that a policy had been changed, if
none of the other attributes had been changed.
Fix
GetUserId() changes to has_privs_of_role()
The pg_stat and pg_signal-related functions have been using GetUserId()
instead of has_privs_of_role() for checking if the current user should
be able to see details in pg_stat_activity or signal other processes,
requiring a user to do 'SET ROLE' for
Fix pg_dump handling of extension config tables
Since 9.1, we've provided extensions with a way to denote
configuration tables- tables created by an extension which the user
may modify. By marking these as configuration tables, the extension
is asking for the data in these tables to be pg_dump'd
Fix pg_dump handling of extension config tables
Since 9.1, we've provided extensions with a way to denote
configuration tables- tables created by an extension which the user
may modify. By marking these as configuration tables, the extension
is asking for the data in these tables to be pg_dump'd
Fix pg_dump handling of extension config tables
Since 9.1, we've provided extensions with a way to denote
configuration tables- tables created by an extension which the user
may modify. By marking these as configuration tables, the extension
is asking for the data in these tables to be pg_dump'd
Fix pg_dump handling of extension config tables
Since 9.1, we've provided extensions with a way to denote
configuration tables- tables created by an extension which the user
may modify. By marking these as configuration tables, the extension
is asking for the data in these tables to be pg_dump'd
Fix pg_dump handling of extension config tables
Since 9.1, we've provided extensions with a way to denote
configuration tables- tables created by an extension which the user
may modify. By marking these as configuration tables, the extension
is asking for the data in these tables to be pg_dump'd
Fix targetRelation initializiation in prepsecurity
In 6f9bd50eabb0a4960e94c83dac8855771c9f340d, we modified
expand_security_quals() to tell expand_security_qual() about when the
current RTE was the targetRelation. Unfortunately, that commit
initialized the targetRelation variable used outside of
Fix targetRelation initializiation in prepsecurity
In 6f9bd50eabb0a4960e94c83dac8855771c9f340d, we modified
expand_security_quals() to tell expand_security_qual() about when the
current RTE was the targetRelation. Unfortunately, that commit
initialized the targetRelation variable used outside of
Add locking clause for SB views for update/delete
In expand_security_qual(), we were handling locking correctly when a
PlanRowMark existed, but not when we were working with the target
relation (which doesn't have any PlanRowMarks, but the subquery created
for the security barrier quals still
Add locking clause for SB views for update/delete
In expand_security_qual(), we were handling locking correctly when a
PlanRowMark existed, but not when we were working with the target
relation (which doesn't have any PlanRowMarks, but the subquery created
for the security barrier quals still
Add hasRowSecurity to copyfuncs/outfuncs
The RLS patch added a hasRowSecurity field to PlannerGlobal and
PlannedStmt but didn't update nodes/copyfuncs.c and nodes/outfuncs.c to
reflect those additional fields.
Correct that by adding entries to the appropriate functions for those
fields.
Pointed
Minor cleanup of column-level priv fix
Commit 9406884af19e2620a14059e64d4eb6ab430ab328 cleaned up
column-privilege related leaks in various error-message paths, but ended
up including a few more things than it should have in the back branches.
Specifically, there's no need for the
Minor cleanup of column-level priv fix
Commit 9406884af19e2620a14059e64d4eb6ab430ab328 cleaned up
column-privilege related leaks in various error-message paths, but ended
up including a few more things than it should have in the back branches.
Specifically, there's no need for the
Policy documentation improvements
In ALTER POLICY, use 'check_expression' instead of 'expression' for the
parameter, to match up with the recent CREATE POLICY change.
In CREATE POLICY, frame the discussion as granting access to rows
instead of limiting access to rows. Further, clarify that the
Fix BuildIndexValueDescription for expressions
In 804b6b6db4dcfc590a468e7be390738f9f7755fb we modified
BuildIndexValueDescription to pay attention to which columns are visible
to the user, but unfortunatley that commit neglected to consider indexes
which are built on expressions.
Handle
Fix BuildIndexValueDescription for expressions
In 804b6b6db4dcfc590a468e7be390738f9f7755fb we modified
BuildIndexValueDescription to pay attention to which columns are visible
to the user, but unfortunatley that commit neglected to consider indexes
which are built on expressions.
Handle
Fix BuildIndexValueDescription for expressions
In 804b6b6db4dcfc590a468e7be390738f9f7755fb we modified
BuildIndexValueDescription to pay attention to which columns are visible
to the user, but unfortunatley that commit neglected to consider indexes
which are built on expressions.
Handle
Fix BuildIndexValueDescription for expressions
In 804b6b6db4dcfc590a468e7be390738f9f7755fb we modified
BuildIndexValueDescription to pay attention to which columns are visible
to the user, but unfortunatley that commit neglected to consider indexes
which are built on expressions.
Handle
Fix column-privilege leak in error-message paths
While building error messages to return to the user,
BuildIndexValueDescription, ExecBuildSlotValueDescription and
ri_ReportViolation would happily include the entire key or entire row in
the result returned to the user, even if the user didn't
Fix column-privilege leak in error-message paths
While building error messages to return to the user,
BuildIndexValueDescription, ExecBuildSlotValueDescription and
ri_ReportViolation would happily include the entire key or entire row in
the result returned to the user, even if the user didn't
Fix column-privilege leak in error-message paths
While building error messages to return to the user,
BuildIndexValueDescription, ExecBuildSlotValueDescription and
ri_ReportViolation would happily include the entire key or entire row in
the result returned to the user, even if the user didn't
Fix column-privilege leak in error-message paths
While building error messages to return to the user,
BuildIndexValueDescription and ri_ReportViolation would happily include
the entire key or entire row in the result returned to the user, even if
the user didn't have access to view all of the
Fix column-privilege leak in error-message paths
While building error messages to return to the user,
BuildIndexValueDescription, ExecBuildSlotValueDescription and
ri_ReportViolation would happily include the entire key or entire row in
the result returned to the user, even if the user didn't
Fix column-privilege leak in error-message paths
While building error messages to return to the user,
BuildIndexValueDescription and ri_ReportViolation would happily include
the entire key or entire row in the result returned to the user, even if
the user didn't have access to view all of the
Clean up range-table building in copy.c
Commit 804b6b6db4dcfc590a468e7be390738f9f7755fb added the build of a
range table in copy.c to initialize the EState es_range_table since it
can be needed in error paths. Unfortunately, that commit didn't
appreciate that some code paths might end up not
Clean up range-table building in copy.c
Commit 804b6b6db4dcfc590a468e7be390738f9f7755fb added the build of a
range table in copy.c to initialize the EState es_range_table since it
can be needed in error paths. Unfortunately, that commit didn't
appreciate that some code paths might end up not
Clean up range-table building in copy.c
Commit 804b6b6db4dcfc590a468e7be390738f9f7755fb added the build of a
range table in copy.c to initialize the EState es_range_table since it
can be needed in error paths. Unfortunately, that commit didn't
appreciate that some code paths might end up not
Clean up range-table building in copy.c
Commit 804b6b6db4dcfc590a468e7be390738f9f7755fb added the build of a
range table in copy.c to initialize the EState es_range_table since it
can be needed in error paths. Unfortunately, that commit didn't
appreciate that some code paths might end up not
Clean up range-table building in copy.c
Commit 804b6b6db4dcfc590a468e7be390738f9f7755fb added the build of a
range table in copy.c to initialize the EState es_range_table since it
can be needed in error paths. Unfortunately, that commit didn't
appreciate that some code paths might end up not
Improve CREATE POLICY documentation
The CREATE POLICY documention didn't sufficiently clarify what happens
when a given command type (eg: ALL or UPDATE) accepts both USING and
WITH CHECK clauses, but only the USING clause is defined. Add language
to clarify that, in such a case, the USING clause
Add usebypassrls to pg_user and pg_shadow
The row level security patches didn't add the 'usebypassrls' columns to
the pg_user and pg_shadow views on the belief that they were deprecated,
but we havn't actually said they are and therefore we should include it.
This patch corrects that, adds
CREATE POLICY expression - using_expression
The syntax for CREATE POLICY simply used expression for the USING
expression, while the WITH CHECK expression was check_expression.
Given that we have two expressions, it's sensible to explcitly name both
to maintain clarity.
This patch simply changes
Reword CREATE POLICY parameter descriptions
The parameter description for the using_expression and check_expression
in CREATE POLICY were unclear and arguably included a typo. Clarify
and improve the consistency of that language.
Pointed out by Dean Rasheed.
Branch
--
master
Details
Skip dead backends in MinimumActiveBackends
Back in ed0b409, PGPROC was split and moved to static variables in
procarray.c, with procs in ProcArrayStruct replaced by an array of
integers representing process numbers (pgprocnos), with -1 indicating a
dead process which has yet to be removed.
Skip dead backends in MinimumActiveBackends
Back in ed0b409, PGPROC was split and moved to static variables in
procarray.c, with procs in ProcArrayStruct replaced by an array of
integers representing process numbers (pgprocnos), with -1 indicating a
dead process which has yet to be removed.
Skip dead backends in MinimumActiveBackends
Back in ed0b409, PGPROC was split and moved to static variables in
procarray.c, with procs in ProcArrayStruct replaced by an array of
integers representing process numbers (pgprocnos), with -1 indicating a
dead process which has yet to be removed.
Skip dead backends in MinimumActiveBackends
Back in ed0b409, PGPROC was split and moved to static variables in
procarray.c, with procs in ProcArrayStruct replaced by an array of
integers representing process numbers (pgprocnos), with -1 indicating a
dead process which has yet to be removed.
Fix typo in execMain.c
Wee - We.
Pointed out by Etsuro Fujita.
Branch
--
master
Details
---
http://git.postgresql.org/pg/commitdiff/c4fda14845c3215a15aa9aa0b844119d2c28c475
Modified Files
--
src/backend/executor/execMain.c |2 +-
1 file changed, 1 insertion(+), 1
Move rowsecurity event trigger test
The event trigger test for rowsecurity can cause problems for other
tests which are run in parallel with it. Instead of running that test
in the rowsecurity set, move it to the event_trigger set, which runs
isolated from other tests.
Also reverts 7161b08,
* Tom Lane (t...@sss.pgh.pa.us) wrote:
Alvaro Herrera alvhe...@2ndquadrant.com writes:
Tom Lane wrote:
Don't run rowsecurity in parallel with other regression tests.
The short-lived event trigger in the rowsecurity test causes irreproducible
failures when the concurrent tests do
Suppress DROP CASCADE notices in regression tests
In the regression tests, when doing cascaded drops, we need to suppress
the notices from DROP CASCADE or there can be transient regression
failures as the order of drops can depend on the physical row order in
pg_depend.
Report and fix suggestion
Add int64 - int8 mapping to genbki
Per discussion with Tom and Andrew, 64bit integers are no longer a
problem for the catalogs, so go ahead and add the mapping from the C
int64 type to the int8 SQL identification to allow using them.
Patch by Adam Brightwell
Branch
--
master
Details
* Thom Brown (t...@linux.com) wrote:
There's still some left-over text that wasn't reverted. Patch attached to
fix.
Good catch, fix pushed, thanks!
Stephen
signature.asc
Description: Digital signature
Revert change to ALTER TABLESPACE summary.
When ALTER TABLESPACE MOVE ALL was changed to be ALTER TABLE ALL IN
TABLESPACE, the ALTER TABLESPACE summary should have been adjusted back
to its original definition.
Patch by Thom Brown (thanks!).
Branch
--
REL9_4_STABLE
Details
---
Revert change to ALTER TABLESPACE summary.
When ALTER TABLESPACE MOVE ALL was changed to be ALTER TABLE ALL IN
TABLESPACE, the ALTER TABLESPACE summary should have been adjusted back
to its original definition.
Patch by Thom Brown (thanks!).
Branch
--
master
Details
---
Clean up includes from RLS patch
The initial patch for RLS mistakenly included headers associated with
the executor and planner bits in rewrite/rowsecurity.h. Per policy and
general good sense, executor headers should not be included in planner
headers or vice versa.
The include of execnodes.h
Fix pg_dump for UPDATE policies
pg_dump had the wrong character for update and so was failing when
attempts were made to pg_dump databases with UPDATE policies.
Pointed out by Fujii Masao (thanks!)
Branch
--
master
Details
---
Clean up Create/DropReplicationSlot query buffer
CreateReplicationSlot() and DropReplicationSlot() were not cleaning up
the query buffer in some cases (mostly error conditions) which meant a
small leak. Not generally an issue as the error case would result in an
immediate exit, but not difficult
* Andres Freund (and...@anarazel.de) wrote:
I can't get very excited about this - but I also have no problems fixing
it. I'm fine with you committing what you have. Or would you rather have
me do it?
Done.
Thanks!
Stephen
signature.asc
Description: Digital signature
All,
* Andres Freund (and...@anarazel.de) wrote:
Refactor replication connection code of various pg_basebackup utilities.
Move some more code to manage replication connection command to
streamutil.c. A later patch will introduce replication slot via
pg_receivexlog and this avoid duplicating
* Andres Freund (and...@anarazel.de) wrote:
On 2014-10-05 09:49:31 -0400, Stephen Frost wrote:
Move some more code to manage replication connection command to
streamutil.c. A later patch will introduce replication slot via
pg_receivexlog and this avoid duplicating relevant code between
Fix CreatePolicy, pg_dump -v; psql and doc updates
Peter G pointed out that valgrind was, rightfully, complaining about
CreatePolicy() ending up copying beyond the end of the parsed policy
name. Name is a fixed-size type and we need to use namein (through
DirectFunctionCall1()) to flush out the
Tom,
On Friday, October 3, 2014, Tom Lane t...@sss.pgh.pa.us wrote:
Just as a note, this should've included a catversion bump. The rule of
thumb is that if you need to do an initdb (not just a recompile) to get
the regression tests to pass, there should be a catversion bump. And
that
Correct stdin/stdout usage in COPY .. PROGRAM
The COPY documentation incorrectly stated, for the PROGRAM case,
that we read from stdin and wrote to stdout. Fix that, and improve
consistency by referring to the 'PostgreSQL' user instead of the
'postgres' user, as is done in the rest of the COPY
Correct stdin/stdout usage in COPY .. PROGRAM
The COPY documentation incorrectly stated, for the PROGRAM case,
that we read from stdin and wrote to stdout. Fix that, and improve
consistency by referring to the 'PostgreSQL' user instead of the
'postgres' user, as is done in the rest of the COPY
Correct stdin/stdout usage in COPY .. PROGRAM
The COPY documentation incorrectly stated, for the PROGRAM case,
that we read from stdin and wrote to stdout. Fix that, and improve
consistency by referring to the 'PostgreSQL' user instead of the
'postgres' user, as is done in the rest of the COPY
Revert 95d737ff to add 'ignore_nulls'
Per discussion, revert the commit which added 'ignore_nulls' to
row_to_json. This capability would be better added as an independent
function rather than being bolted on to row_to_json. Additionally,
the implementation didn't address complex JSON objects,
Also revert e3ec0728, JSON regression tests
Managed to forget to update the other JSON regression test output,
again. Revert the commit which fixed it before.
Per buildfarm.
Branch
--
master
Details
---
http://git.postgresql.org/pg/commitdiff/08da8947f4b52ad41770f260a3962b032de77120
Fix relcache for policies, and doc updates
Andres pointed out that there was an extra ';' in equalPolicies, which
made me realize that my prior testing with CLOBBER_CACHE_ALWAYS was
insufficient (it didn't always catch the issue, just most of the time).
Thanks to that, a different issue was
* Andres Freund (and...@2ndquadrant.com) wrote:
I've not really looked at the code, but I doubt
if (policy1-hassublinks != policy2-hassublinks);
return false;
was what you intended. Note the trailing ;.
Gah, quite right. Will fix.
Thanks!
Code review for row security.
Buildfarm member tick identified an issue where the policies in the
relcache for a relation were were being replaced underneath a running
query, leading to segfaults while processing the policies to be added
to a query. Similar to how TupleDesc RuleLocks are
Copy-editing of row security
Address a few typos in the row security update, pointed out
off-list by Adam Brightwell. Also include 'ALL' in the list
of commands supported, for completeness.
Branch
--
master
Details
---
Process withCheckOption exprs in setrefs.c
While withCheckOption exprs had been handled in many cases by
happenstance, they need to be handled during set_plan_references and
more specifically down in set_plan_refs for ModifyTable plan nodes.
This is to ensure that the opfuncid's are set for
Process withCheckOption exprs in setrefs.c
While withCheckOption exprs had been handled in many cases by
happenstance, they need to be handled during set_plan_references and
more specifically down in set_plan_refs for ModifyTable plan nodes.
This is to ensure that the opfuncid's are set for
Log ALTER SYSTEM statements as DDL
Per discussion in bug #11350, log ALTER SYSTEM commands at the
log_statement=ddl level, rather than at the log_statement=all level.
Pointed out by Tomonari Katsumata.
Back-patch to 9.4 where ALTER SYSTEM was introduced.
Branch
--
master
Details
---
Log ALTER SYSTEM statements as DDL
Per discussion in bug #11350, log ALTER SYSTEM commands at the
log_statement=ddl level, rather than at the log_statement=all level.
Pointed out by Tomonari Katsumata.
Back-patch to 9.4 where ALTER SYSTEM was introduced.
Branch
--
REL9_4_STABLE
Details
Add unicode_*_linestyle to \? variables
In a2dabf0 we added the ability to have single or double unicode
linestyle for the border, column, or header. Unfortunately, the
\? variables output was not updated for these new psql variables.
This corrects that oversight.
Patch by Pavel Stehule.
* Peter Eisentraut (pete...@gmx.net) wrote:
On 9/19/14 11:41 AM, Stephen Frost wrote:
Row-Level Security Policies (RLS)
src/include/commands/policy.h needs to include a file that defines
Relation, so that it can stand on its own.
Hum. I wonder if that's because I got a bit over-aggressive
Andres,
On Sunday, September 21, 2014, Andres Freund and...@2ndquadrant.com wrote:
IIRC cplupluscheck catches such problem. Annoyingly it doesn't work
properly in vpath builds...
Doh- that is annoying as that's almost exclusively what I use..
Master causes these warnings for me btw:
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added
Handle border = 3 in expanded mode
In psql, expanded mode was not being displayed correctly when using
the normal ascii or unicode linestyles and border set to '3'. Now,
per the documentation, border '3' is really only sensible for HTML
and LaTeX formats, however, that's no excuse for
Handle border = 3 in expanded mode
In psql, expanded mode was not being displayed correctly when using
the normal ascii or unicode linestyles and border set to '3'. Now,
per the documentation, border '3' is really only sensible for HTML
and LaTeX formats, however, that's no excuse for
Handle border = 3 in expanded mode
In psql, expanded mode was not being displayed correctly when using
the normal ascii or unicode linestyles and border set to '3'. Now,
per the documentation, border '3' is really only sensible for HTML
and LaTeX formats, however, that's no excuse for
Handle border = 3 in expanded mode
In psql, expanded mode was not being displayed correctly when using
the normal ascii or unicode linestyles and border set to '3'. Now,
per the documentation, border '3' is really only sensible for HTML
and LaTeX formats, however, that's no excuse for
Handle border = 3 in expanded mode
In psql, expanded mode was not being displayed correctly when using
the normal ascii or unicode linestyles and border set to '3'. Now,
per the documentation, border '3' is really only sensible for HTML
and LaTeX formats, however, that's no excuse for
Add unicode_{column|header|border}_style to psql
With the unicode linestyle, this adds support to control if the
column, header, or border style should be single or double line
unicode characters. The default remains 'single'.
In passing, clean up the border documentation and address some
minor
Add 'ignore_nulls' option to row_to_json
Provide an option to skip NULL values in a row when generating a JSON
object from that row with row_to_json. This can reduce the size of the
JSON object in cases where columns are NULL without really reducing the
information in the JSON object.
This also
Hey Tom,
* Tom Lane (t...@sss.pgh.pa.us) wrote:
Fix JSON regression tests.
Commit 95d737ff45a38809130a2c633d9e6bc26c825036 neglected to update
expected/json_1.out. Per buildfarm.
I had just been working on that- took me a bit to realize what was
happening. Apologies.
Thanks!
Move ALTER ... ALL IN to ProcessUtilitySlow
Now that ALTER TABLE .. ALL IN TABLESPACE has replaced the previous
ALTER TABLESPACE approach, it makes sense to move the calls down in
to ProcessUtilitySlow where the rest of ALTER TABLE is handled.
This also means that event triggers will support
Move ALTER ... ALL IN to ProcessUtilitySlow
Now that ALTER TABLE .. ALL IN TABLESPACE has replaced the previous
ALTER TABLESPACE approach, it makes sense to move the calls down in
to ProcessUtilitySlow where the rest of ALTER TABLE is handled.
This also means that event triggers will support
Tab completion for ALTER .. ALL IN TABLESPACE
Update the tab completion for the changes made in
3c4cf080879b386d4ed1814667aca025caafe608, which rework 'MOVE ALL' to be
'ALTER .. ALL IN TABLESPACE'.
Fujii Masao
Back-patch to 9.4, as the original change was.
Branch
--
master
Details
---
* Peter Eisentraut (pete...@gmx.net) wrote:
doc: Revert ALTER TABLESPACE summary line
It was changed when ALTER TABLESPACE / MOVE was added but then not
updated when that was moved back out.
Whoops- sorry about that, and thanks for fixing.
Stephen
signature.asc
Description:
Fix Var handling for security barrier views
In some cases, not all Vars were being correctly marked as having been
modified for updatable security barrier views, which resulted in invalid
plans (eg: when security barrier views were created over top of
inheiritance structures).
In passing, be
Fix Var handling for security barrier views
In some cases, not all Vars were being correctly marked as having been
modified for updatable security barrier views, which resulted in invalid
plans (eg: when security barrier views were created over top of
inheiritance structures).
In passing, be
Rework 'MOVE ALL' to 'ALTER .. ALL IN TABLESPACE'
As 'ALTER TABLESPACE .. MOVE ALL' really didn't change the tablespace
but instead changed objects inside tablespaces, it made sense to
rework the syntax and supporting functions to operate under the
'ALTER (TABLE|INDEX|MATERIALIZED VIEW)' syntax
Rework 'MOVE ALL' to 'ALTER .. ALL IN TABLESPACE'
As 'ALTER TABLESPACE .. MOVE ALL' really didn't change the tablespace
but instead changed objects inside tablespaces, it made sense to
rework the syntax and supporting functions to operate under the
'ALTER (TABLE|INDEX|MATERIALIZED VIEW)' syntax
* Andrew Dunstan (and...@dunslane.net) wrote:
Are you really sure we can do this consistently? The regression
tests have to run against all sorts of settings, including those we
have no control over via installcheck.
Sure? No. However, there are quite a few existing regression tests
that do
Greg,
* Greg Stark (st...@mit.edu) wrote:
But the original goal seems like it would be easier and better done with an
immutable function which lies and calls elog to leak information. That's
the actual attack this is supposed to protect against anyways.
Uh, yes, that's what the explain is
* Tom Lane (t...@sss.pgh.pa.us) wrote:
Sure, but I think Greg's point is that this could be tested by a
black-box functional test (does it print something it shouldn't)
rather than a white-box test that necessarily depends on a whole lot
of *other* planner choices that don't have much to do
Make security barrier views automatically updatable
Views which are marked as security_barrier must have their quals
applied before any user-defined quals are called, to prevent
user-defined functions from being able to see rows which the
security barrier view is intended to prevent them from
* Tom Lane (t...@sss.pgh.pa.us) wrote:
Stephen Frost sfr...@snowman.net writes:
Make security barrier views automatically updatable
For the record, this should have bumped catversion, because it
broke stored views. Given that I'd just done a bump a few hours
earlier, there's probably
Add ANALYZE into regression tests
Looks like we can end up with different plans happening on the
buildfarm, which breaks the regression tests when we include
EXPLAIN output (which is done in the regression tests for
updatable security views, to ensure that the user-defined
function isn't pushed
Make a dedicated AlterTblSpcStmt production
Given that ALTER TABLESPACE has moved on from just existing for
general purpose rename/owner changes, it deserves its own top-level
production in the grammar. This also cleans up the RenameStmt to
only ever be used for actual RENAMEs again- it really
301 - 400 of 488 matches
Mail list logo
