Re: RLS fails to work with UPDATE ... WHERE CURRENT OF

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/14/2015 12:40 PM, Dean Rasheed wrote:
> On 14 July 2015 at 13:59, Robert Haas <robertmhaas@gmail.com>
> wrote:
>> On Thu, Jul 9, 2015 at 5:47 PM, Joe Conway <mail@joeconway.com>
>> wrote:
>>> On 06/08/2015 02:08 AM, Dean Rasheed wrote:
>>>> Actually I think it is fixable just by allowing the CURRENT
>>>> OF expression to be pushed down into the subquery through
>>>> the security barrier view. The planner is then guaranteed to
>>>> generate a TID scan, filtering by any other RLS quals, which
>>>> ought to be the optimal plan. Patch attached.
>>> 
>>> This looks good to me. I have tested and don't find any issues
>>> with it. Will commit in a day or so unless someone has
>>> objections.
>> 
>> Is this fix needed in all versions that support security barrier 
>> views, or just in 9.5 and 9.6 that have RLS specifically?
> 
> It's only needed in 9.5 and later for tables with RLS, because
> WHERE CURRENT OF isn't supported on views.

Pushed.


- -- 
Joe Conway
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJVspjUAAoJEDfy90M199hlJ3kP/i87ZlFmIOwApwm1y/OPOM/r
iW4BvUXadkbBnRG0ReoW9PPHXQHFbytunnL3I5Ddnnwa3KHFmzc7LBUpwRQRG5JO
bclB+Z/0AHYgdkKh/dvfngp2QddPk5bRZ2PuEYgMNBOFBWtANzOCdDVsKKouPnoq
0+H9o0LVWtInse8mL0J321Xl34XH0DKdeJSgG8Tq2Te7YCDkISLFQMv4jaOctktt
cfs1AYF1gG6ZoWjNDhupXejCIVR22VzONtjX3JxNWht3vhcN5bRBhU9KPZobfdaw
9cGbgIGHqZdb5ZZDILWbgiKvif/4krEDcnKLXHlsdnW4wO2oS7399d1Atjf7KJNX
unTX3yskYNcocGxIn76cGc76xWHoMj88AFxTlQ0zU3cUInZAQyFEK//4UiQ0Wzad
iAvTO4SwjyOY3/ipNlxKP0gwH27EA83mVZLiZ/qfo3GExD/NfI2rT2iGn7Dx9syX
frGFyYAm8cSWqVK+EzideL6yZL5fWoDpCC3GZnSHJEpriO/jnbqC0EmFxftP2N7N
1HSX8bjOExvLLtARry5SV6ngtu1gJABqRD38TjzExg/WMn+3S2NnYZHE3YGWpowz
CdSqLnVoGzHCNcj74eEV8XseX0JRVY3jHlv0iEme0MGmtkA1AdMesaUBjy9A9MGh
y2ZONUQCpBj/3lPj+wtb
=odS2
-----END PGP SIGNATURE-----