ALTER TABLE .. FORCE ROW LEVEL SECURITY

Stephen Frost <sfrost@snowman.net>

Commit: 90f334d2ca1a8bae2d0cd8a0898fb8ef90257565
Author: Stephen Frost <sfrost@snowman.net>
Date: 2015-10-05T01:05:18Z
Releases: 9.5.0
ALTER TABLE .. FORCE ROW LEVEL SECURITY

To allow users to force RLS to always be applied, even for table owners,
add ALTER TABLE .. FORCE ROW LEVEL SECURITY.

row_security=off overrides FORCE ROW LEVEL SECURITY, to ensure pg_dump
output is complete (by default).

Also add SECURITY_NOFORCE_RLS context to avoid data corruption when
ALTER TABLE .. FORCE ROW SECURITY is being used. The
SECURITY_NOFORCE_RLS security context is used only during referential
integrity checks and is only considered in check_enable_rls() after we
have already checked that the current user is the owner of the relation
(which should always be the case during referential integrity checks).

Back-patch to 9.5 where RLS was added.

Files