Adjust behavior of row_security GUC to match the docs.

Tom Lane <tgl@sss.pgh.pa.us>

Commit: 5d35438273c4523a4dc4b48c3bd575e64310d3d4
Author: Tom Lane <tgl@sss.pgh.pa.us>
Date: 2016-01-04T17:21:41Z
Releases: 9.6.0
Adjust behavior of row_security GUC to match the docs.

Some time back we agreed that row_security=off should not be a way to
bypass RLS entirely, but only a way to get an error if it was being
applied.  However, the code failed to act that way for table owners.
Per discussion, this is a must-fix bug for 9.5.0.

Adjust the logic in rls.c to behave as expected; also, modify the
error message to be more consistent with the new interpretation.
The regression tests need minor corrections as well.  Also update
the comments about row_security in ddl.sgml to be correct.  (The
official description of the GUC in config.sgml is already correct.)

I failed to resist the temptation to do some other very minor
cleanup as well, such as getting rid of a duplicate extern declaration.

Files

Documentation touched