diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml index 76d6405..bae08ee 100644 --- a/doc/src/sgml/catalogs.sgml +++ b/doc/src/sgml/catalogs.sgml @@ -1943,6 +1943,7 @@ relhasrowsecurity bool + True if table has row-security enabled; see pg_rowsecurity catalog diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml index 70e47aa..9494439 100644 --- a/doc/src/sgml/config.sgml +++ b/doc/src/sgml/config.sgml @@ -5457,9 +5457,9 @@ COPY postgres_log FROM '/full/path/to/logfile.csv' WITH csv; The allowed values of row_security are - on (apply normally- not to superuser or table owner), + on (apply normally - not to superuser or table owner), off (fail if row security would be applied), and - force (apply always- even to superuser and table owner). + force (apply always - even to superuser and table owner). diff --git a/doc/src/sgml/ref/alter_table.sgml b/doc/src/sgml/ref/alter_table.sgml index 1b35756..b5ef09e 100644 --- a/doc/src/sgml/ref/alter_table.sgml +++ b/doc/src/sgml/ref/alter_table.sgml @@ -429,7 +429,7 @@ ALTER TABLE ALL IN TABLESPACE name These forms control the application of row security policies belonging to the table. If enabled and no policies exist for the table, then a default-deny policy is applied. Note that policies can exist for a table - even if row level security is disabled- in this case, the policies will + even if row level security is disabled - in this case, the policies will NOT be applied and the policies will be ignored. See also . diff --git a/src/backend/commands/policy.c b/src/backend/commands/policy.c index 2f4df48..fc430b3 100644 --- a/src/backend/commands/policy.c +++ b/src/backend/commands/policy.c @@ -108,7 +108,7 @@ parse_row_security_command(const char *cmd_name) char cmd; if (!cmd_name) - elog(ERROR, "Unregonized command."); + elog(ERROR, "unregonized command"); if (strcmp(cmd_name, "all") == 0) cmd = 0; @@ -121,8 +121,7 @@ parse_row_security_command(const char *cmd_name) else if (strcmp(cmd_name, "delete") == 0) cmd = ACL_DELETE_CHR; else - elog(ERROR, "Unregonized command."); - /* error unrecognized command */ + elog(ERROR, "unregonized command"); return cmd; } @@ -484,7 +483,7 @@ CreatePolicy(CreatePolicyStmt *stmt) if (rseccmd == ACL_INSERT_CHR && stmt->qual != NULL) ereport(ERROR, (errcode(ERRCODE_SYNTAX_ERROR), - errmsg("Only WITH CHECK expression allowed for INSERT"))); + errmsg("only WITH CHECK expression allowed for INSERT"))); /* Collect role ids */ @@ -731,7 +730,7 @@ AlterPolicy(AlterPolicyStmt *stmt) if (!HeapTupleIsValid(rsec_tuple)) ereport(ERROR, (errcode(ERRCODE_UNDEFINED_OBJECT), - errmsg("policy '%s' for does not exist on table %s", + errmsg("policy \"%s\" on table \"%s\" does not exist", stmt->policy_name, RelationGetRelationName(target_table)))); @@ -850,7 +849,7 @@ rename_policy(RenameStmt *stmt) pg_rowsecurity_rel = heap_open(RowSecurityRelationId, RowExclusiveLock); - /* First pass- check for conflict */ + /* First pass -- check for conflict */ /* Add key - row security relation id. */ ScanKeyInit(&skey[0], diff --git a/src/backend/rewrite/rowsecurity.c b/src/backend/rewrite/rowsecurity.c index e1ccd12..b595cfa 100644 --- a/src/backend/rewrite/rowsecurity.c +++ b/src/backend/rewrite/rowsecurity.c @@ -177,7 +177,7 @@ prepend_row_security_policies(Query* root, RangeTblEntry* rte, int rt_index) * all of them OR'd together. However, to avoid the situation of an * extension granting more access to a table than the internal policies * would allow, the extension's policies are AND'd with the internal - * policies. In other words- extensions can only provide further + * policies. In other words - extensions can only provide further * filtering of the result set (or further reduce the set of records * allowed to be added). * @@ -285,7 +285,6 @@ prepend_row_security_policies(Query* root, RangeTblEntry* rte, int rt_index) * * Returns the list of policies to be added for this relation, based on the * type of command and the roles to which it applies, from the relation cache. - * */ static List * pull_row_security_policies(CmdType cmd, Relation relation, Oid user_id) diff --git a/src/bin/pg_dump/pg_restore.c b/src/bin/pg_dump/pg_restore.c index 1c1b80f..21715dc 100644 --- a/src/bin/pg_dump/pg_restore.c +++ b/src/bin/pg_dump/pg_restore.c @@ -463,7 +463,7 @@ usage(const char *progname) printf(_(" -x, --no-privileges skip restoration of access privileges (grant/revoke)\n")); printf(_(" -1, --single-transaction restore as a single transaction\n")); printf(_(" --disable-triggers disable triggers during data-only restore\n")); - printf(_(" --enable-row-security enable row level security\n")); + printf(_(" --enable-row-security enable row level security\n")); printf(_(" --if-exists use IF EXISTS when dropping objects\n")); printf(_(" --no-data-for-failed-tables do not restore data of tables that could not be\n" " created\n")); diff --git a/src/include/commands/policy.h b/src/include/commands/policy.h index 95d8a6d..8ca4cb0 100644 --- a/src/include/commands/policy.h +++ b/src/include/commands/policy.h @@ -24,10 +24,10 @@ extern void RemovePolicyById(Oid policy_id); extern Oid CreatePolicy(CreatePolicyStmt *stmt); extern Oid AlterPolicy(AlterPolicyStmt *stmt); -Oid get_relation_policy_oid(Oid relid, - const char *policy_name, bool missing_ok); +extern Oid get_relation_policy_oid(Oid relid, const char *policy_name, + bool missing_ok); -Oid rename_policy(RenameStmt *stmt); +extern Oid rename_policy(RenameStmt *stmt); #endif /* POLICY_H */