Re: RLS related docs
Joe Conway <mail@joeconway.com>
From: Joe Conway <mail@joeconway.com>
To: Dean Rasheed <dean.a.rasheed@gmail.com>
Cc: PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2016-05-30T20:56:37Z
Lists: pgsql-hackers
On 05/26/2016 12:26 AM, Dean Rasheed wrote: > On 25 May 2016 at 02:04, Joe Conway <mail@joeconway.com> wrote: >> Please see attached two proposed patches for the docs related to RLS: >> >> 1) Correction to pg_restore >> 2) Additional mentions that "COPY FROM" does not allow RLS to be enabled >> >> Comments? >> > > The pg_restore change looks good -- that was clearly wrong. > > Also, +1 for the new note in pg_dump. Great, thanks! > For COPY, I think perhaps it would be more logical to put the new note > immediately after the third note which describes the privileges > required, since it's kind of related, and then we can talk about the > RLS policies required, e.g.: > > If row-level security is enabled for the table, COPY table TO is > internally converted to COPY (SELECT * FROM table) TO, and the > relevant security policies are applied. Currently, COPY FROM is not > supported for tables with row-level security. This sounds better than what I had, so I will do it that way. Thanks, Joe -- Crunchy Data - http://crunchydata.com PostgreSQL Support for Secure Enterprises Consulting, Training, & Open Source Development
Commits
-
Improve RLS documentation with respect to COPY
- 53afdef662ef 9.5.6 landed
- 51e9df7a1005 9.6.2 landed
- 0a85c102254b 10.0 landed