Search Postgresql Archives

Re: RLS policy issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ted,

* Ted Toth (txtoth@xxxxxxxxx) wrote:
> I'd also expect that the "rewrite" would have added the POLICY SELECT
> USING clause to the query but I don't see any indication of that in
> the details that follow:

Just running 'explain' should show the policy.

Are you running this as the owner of the table or as a superuser?  As
noted in the documentation, the owner (who controls the policies
on the table anyway) and the superuser (who can bypass all
authorization) do not have the RLS policies applied unless the
'row_security' GUC is set to 'force', like so:

SET row_security = force;

By the way, you might be interested in the test_rls_hooks module which I
wrote and committed recently under src/test/modules.  That's the
approach which I was thinking about using with sepgsql to provide policy
enforcement, but using regular policies should also work.

	Thanks!

		Stephen

Attachment: signature.asc
Description: Digital signature


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux