FORCE ROW LEVEL SECURITY
| От | Robert Haas |
|---|---|
| Тема | FORCE ROW LEVEL SECURITY |
| Дата | |
| Msg-id | CA+TgmoYHjkh6b4qYOh8=QwpATumK26OTKdD+Ci=A=5iy2LrJRQ@mail.gmail.com обсуждение исходный текст |
| Ответы |
Re: FORCE ROW LEVEL SECURITY
Re: FORCE ROW LEVEL SECURITY |
| Список | pgsql-hackers |
FORCE ROW LEVEL SECURITY doesn't behave as I would expect. rhaas=# create policy hideit on foo1 using (a < 3); CREATE POLICY rhaas=# explain select * from foo1; QUERY PLAN ---------------------------------------------------------Seq Scan on foo1 (cost=0.00..22.70 rows=1270 width=36) (1 row) rhaas=# alter table foo force row level security; ALTER TABLE rhaas=# alter table foo1 enable row level security; ALTER TABLE rhaas=# explain select * from foo1; QUERY PLAN ---------------------------------------------------------Seq Scan on foo1 (cost=0.00..22.70 rows=1270 width=36) (1 row) rhaas=# create user bob; CREATE ROLE rhaas=# grant select on foo1 to bob; GRANT rhaas=# \c - bob You are now connected to database "rhaas" as user "bob". rhaas=> select * from foo1;a | b ---+--- (0 rows) rhaas=> explain select * from foo1; QUERY PLAN --------------------------------------------------------Seq Scan on foo1 (cost=0.00..25.88 rows=423 width=36) Filter: (a< 3) (2 rows) Isn't the whole purpose of FORCE ROW LEVEL SECURITY to cause RLS to be applied even for the table owner? -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
В списке pgsql-hackers по дате отправления: