RLS bug?
Example session, from master branch:
postgres=# create table rowtest (key int4 primary key, val text);
CREATE TABLE
postgres=# alter table rowtest enable row level security;
ALTER TABLE
postgres=# create role bob;
CREATE ROLE
postgres=# CREATE POLICY test ON rowtest
FOR INSERT
TO bob
WITH CHECK (key % 3 = 0 );
CREATE POLICY
postgres=# CREATE POLICY test2 ON rowtest
FOR UPDATE
TO bob
WITH CHECK (key % 2 = 0 );
CREATE POLICY
postgres=# \d rowtest
Table "public.rowtest"
Column | Type | Modifiers
--------+---------+-----------
key | integer | not null
val | text |
Indexes:
"rowtest_pkey" PRIMARY KEY, btree (key)
Policies:
POLICY "test" FOR INSERT
TO bob
WITH CHECK ((key % 3) = 0)
POLICY "test2"
TO bob
WITH CHECK ((key % 2) = 0)
Why is the policy "test2" not listed as applying only "FOR UPDATE"? If
this is the intended behavior, it is not consistent with the
documentation, which states: "Using UPDATE for a policy means that it
will apply to UPDATE commands".
--
Peter Geoghegan
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
Peter,
* Peter Geoghegan (pg@heroku.com) wrote:
Why is the policy "test2" not listed as applying only "FOR UPDATE"? If
this is the intended behavior, it is not consistent with the
documentation, which states: "Using UPDATE for a policy means that it
will apply to UPDATE commands".
Yeah, that looks like an issue.. I'll look into it.
Thanks!
Stephen
Peter,
* Peter Geoghegan (pg@heroku.com) wrote:
Why is the policy "test2" not listed as applying only "FOR UPDATE"? If
this is the intended behavior, it is not consistent with the
documentation, which states: "Using UPDATE for a policy means that it
will apply to UPDATE commands".
It wasn't intentional and I had been meaning to get to it, but Tom beat
me to it. master now handles this correctly.
Thanks!
Stephen