pgsql: Add a security_barrier option for views.
| От | Robert Haas |
|---|---|
| Тема | pgsql: Add a security_barrier option for views. |
| Дата | |
| Msg-id | E1Rdq0q-00072t-CU@gemulon.postgresql.org обсуждение исходный текст |
| Ответы |
Re: pgsql: Add a security_barrier option for views.
Re: pgsql: Add a security_barrier option for views. |
| Список | pgsql-committers |
Add a security_barrier option for views. When a view is marked as a security barrier, it will not be pulled up into the containing query, and no quals will be pushed down into it, so that no function or operator chosen by the user can be applied to rows not exposed by the view. Views not configured with this option cannot provide robust row-level security, but will perform far better. Patch by KaiGai Kohei; original problem report by Heikki Linnakangas (in October 2009!). Review (in earlier versions) by Noah Misch and others. Design advice by Tom Lane and myself. Further review and cleanup by me. Branch ------ master Details ------- http://git.postgresql.org/pg/commitdiff/0e4611c0234d89e288a53351f775c59522baed7c Modified Files -------------- doc/src/sgml/ref/alter_view.sgml | 20 +++++++++ doc/src/sgml/ref/create_view.sgml | 13 ++++++ doc/src/sgml/rules.sgml | 39 ++++++++++++++++- src/backend/access/common/reloptions.c | 17 +++++++- src/backend/commands/tablecmds.c | 66 ++++++++++++++++++++++------- src/backend/commands/view.c | 26 ++++++++--- src/backend/nodes/copyfuncs.c | 1 + src/backend/nodes/equalfuncs.c | 1 + src/backend/nodes/outfuncs.c | 1 + src/backend/nodes/readfuncs.c | 1 + src/backend/optimizer/path/allpaths.c | 14 ++++++ src/backend/optimizer/prep/prepjointree.c | 2 + src/backend/parser/gram.y | 10 +++-- src/backend/rewrite/rewriteHandler.c | 1 + src/backend/utils/adt/selfuncs.c | 13 ++++++ src/backend/utils/cache/relcache.c | 1 + src/bin/pg_dump/pg_dump.c | 6 ++- src/include/access/reloptions.h | 3 +- src/include/nodes/parsenodes.h | 3 + src/include/utils/rel.h | 9 ++++ src/test/regress/expected/create_view.out | 55 +++++++++++++++++++++++- src/test/regress/sql/create_view.sql | 33 ++++++++++++++ 22 files changed, 300 insertions(+), 35 deletions(-)
В списке pgsql-committers по дате отправления: