9.5rc1 RLS select policy on insert?
I see the insert policy check running but also the select policy using
on insert. I don't understand why the select policy is being run.
Could it possibly be related to using a sequence on the table?
Ted
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
* Ted Toth (txtoth@gmail.com) wrote:
I see the insert policy check running but also the select policy using
on insert. I don't understand why the select policy is being run.
Could it possibly be related to using a sequence on the table?
It's used when SELECT rights are required on the table, such as with an
INSERT .. RETURNING.
Thanks!
Stephen
This happens on simple INSERTs no RETURNING.
On Wed, Jan 6, 2016 at 9:40 PM, Stephen Frost <sfrost@snowman.net> wrote:
* Ted Toth (txtoth@gmail.com) wrote:
I see the insert policy check running but also the select policy using
on insert. I don't understand why the select policy is being run.
Could it possibly be related to using a sequence on the table?It's used when SELECT rights are required on the table, such as with an
INSERT .. RETURNING.Thanks!
Stephen
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
Ted Toth <txtoth@gmail.com> writes:
This happens on simple INSERTs no RETURNING.
You're going to need to show a concrete example.
regards, tom lane
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
Ted,
Please don't top-post on these lists.
On Wed, Jan 6, 2016 at 9:40 PM, Stephen Frost <sfrost@snowman.net> wrote:
* Ted Toth (txtoth@gmail.com) wrote:
I see the insert policy check running but also the select policy using
on insert. I don't understand why the select policy is being run.
Could it possibly be related to using a sequence on the table?It's used when SELECT rights are required on the table, such as with an
INSERT .. RETURNING.
* Ted Toth (txtoth@gmail.com) wrote:
This happens on simple INSERTs no RETURNING.
You'll have to provide more information on what you're seeing.
I've just stepped through get_row_security_quals() for a simple INSERT
to a table and reviewed what ends up in securityQuals (it's NULL) and
withCheckOptions (it's the single boolean expression corresponding to
the INSERT policy defined on the table). The SELECT policy, which is
also defined on the table, is no where to be found in the results of
that call.
I was testing with:
=*> \d t1
Table "public.t1"
Column | Type | Modifiers
--------+---------+-----------
c1 | integer |
Policies:
POLICY "p1" FOR INSERT
WITH CHECK ((c1 > 5))
POLICY "p2" FOR SELECT
USING ((c1 < 5))
=*> insert into t1 values (6);
Thanks!
Stephen
On Thu, Jan 7, 2016 at 8:27 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Ted Toth <txtoth@gmail.com> writes:
This happens on simple INSERTs no RETURNING.
You're going to need to show a concrete example.
regards, tom lane
You were right there was an insert with RETURNING :(
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general