Re: Bug: RLS policy FOR SELECT is used to check new rows
| От | Dean Rasheed |
|---|---|
| Тема | Re: Bug: RLS policy FOR SELECT is used to check new rows |
| Дата | |
| Msg-id | CAEZATCVthTfNb8EaLiE=bJkn1yGiNx0m_ntLd2P39BHWD0UP3g@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Bug: RLS policy FOR SELECT is used to check new rows (Laurenz Albe <laurenz.albe@cybertec.at>) |
| Ответы |
Re: Bug: RLS policy FOR SELECT is used to check new rows
|
| Список | pgsql-hackers |
On Thu, 9 Nov 2023 at 15:16, Laurenz Albe <laurenz.albe@cybertec.at> wrote: > > I have thought some more about this, and I believe that if FOR SELECT > policies are used to check new rows, you should be allowed to specify > WITH CHECK on FOR SELECT policies. Why not allow a user to specify > different conditions for fetching from a table and for new rows after > an UPDATE? > > The attached patch does that. What so you think? > So you'd be able to write policies that allowed you to do an INSERT/UPDATE ... RETURNING, where the WITH CHECK part of the SELECT policy allowed you see the new row, but then if you tried to SELECT it later, the USING part of the policy might say no. That seems pretty confusing. I would expect a row to either be visible or not, consistently across all commands. Regards, Dean
В списке pgsql-hackers по дате отправления: