Skip to content
Snippets Groups Projects
Commit a1187c4e authored by Dean Rasheed's avatar Dean Rasheed
Browse files

RLS comment fixes. 

The comments in get_policies_for_relation() say that CREATE POLICY
does not support defining restrictive policies. This is no longer
true, starting from PG10.
parent a5339ac0
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/backend/rewrite/rowsecurity.c
+ 2
6
View file @ a1187c4e
...@@ -408,11 +408,7 @@ get_policies_for_relation(Relation relation, CmdType cmd, Oid user_id, ...@@ -408,11 +408,7 @@ get_policies_for_relation(Relation relation, CmdType cmd, Oid user_id,
*permissive_policies = NIL; *permissive_policies = NIL;
*restrictive_policies = NIL; *restrictive_policies = NIL;
/* /* First find all internal policies for the relation. */
* First find all internal policies for the relation. CREATE POLICY does
* not currently support defining restrictive policies, so for now all
* internal policies are permissive.
*/
foreach(item, relation->rd_rsdesc->policies) foreach(item, relation->rd_rsdesc->policies)
{ {
bool cmd_matches = false; bool cmd_matches = false;
...@@ -450,7 +446,7 @@ get_policies_for_relation(Relation relation, CmdType cmd, Oid user_id, ...@@ -450,7 +446,7 @@ get_policies_for_relation(Relation relation, CmdType cmd, Oid user_id,
} }
/* /*
* Add this policy to the list of permissive policies if it applies to * Add this policy to the relevant list of policies if it applies to
* the specified role. * the specified role.
*/ */
if (cmd_matches && check_role_for_policy(policy->roles, user_id)) if (cmd_matches && check_role_for_policy(policy->roles, user_id))
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment