Re: RLS related docs
Joe Conway <mail@joeconway.com>
From: Joe Conway <mail@joeconway.com>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Dean Rasheed <dean.a.rasheed@gmail.com>,
PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2016-12-23T02:03:13Z
Lists: pgsql-hackers
On 09/15/2016 02:34 PM, Joe Conway wrote: > On 09/15/2016 01:33 PM, Robert Haas wrote: >> On Sun, Aug 28, 2016 at 4:23 PM, Joe Conway <mail@joeconway.com> wrote: >>>>> For COPY, I think perhaps it would be more logical to put the new note >>>>> immediately after the third note which describes the privileges >>>>> required, since it's kind of related, and then we can talk about the >>>>> RLS policies required, e.g.: >>>>> >>>>> If row-level security is enabled for the table, COPY table TO is >>>>> internally converted to COPY (SELECT * FROM table) TO, and the >>>>> relevant security policies are applied. Currently, COPY FROM is not >>>>> supported for tables with row-level security. >>>> >>>> This sounds better than what I had, so I will do it that way. >>> >>> Apologies for the delay, but new patch attached. Assuming no more >>> comments, will commit this, backpatched to 9.5, in a day or two. >> >> I don't think this was ever committed, but my comment is that it seems >> to be exposing rather more of the implementation than is probably >> wise. Can't we say that SELECT policies will apply rather than saying >> that it is internally converted to a SELECT? Committed that way, backpatched to 9.5. Joe -- Crunchy Data - http://crunchydata.com PostgreSQL Support for Secure Enterprises Consulting, Training, & Open Source Development
Commits
-
Improve RLS documentation with respect to COPY
- 53afdef662ef 9.5.6 landed
- 51e9df7a1005 9.6.2 landed
- 0a85c102254b 10.0 landed