Re: [PATCH] Add reloption for views to enable RLS

Laurenz Albe <laurenz.albe@cybertec.at>

From: Laurenz Albe <laurenz.albe@cybertec.at>
To: Christoph Heiss <christoph.heiss@cybertec.at>, Dean Rasheed <dean.a.rasheed@gmail.com>
Cc: walther@technowledgy.de, PostgreSQL Hackers <pgsql-hackers@postgresql.org>, Hans-Jürgen Schönig <hs@cybertec.at>
Date: 2022-03-14T16:16:33Z
Lists: pgsql-hackers
On Mon, 2022-03-14 at 13:40 +0100, Christoph Heiss wrote:
> On 3/9/22 16:06, Laurenz Albe wrote:
> > This paragraph contains a couple of grammatical errors.
>
> Replaced the two paragraphs with your suggestion, it is indeed easier to 
> read.
> 
> > Also, this:
> > could be written like this (introducing a new variable):
> > 
> >    if (rule->event == CMD_SELECT
> >        && relation->rd_rel->relkind == RELKIND_VIEW
> >        && RelationHasSecurityInvoker(relation))
> >        user_for_check = InvalidOid;
> >    else
> >        user_for_check = relation->rd_rel->relowner;
> > 
> >    setRuleCheckAsUser((Node *) rule->actions, user_for_check);
> >    setRuleCheckAsUser(rule->qual, user_for_check);
> > 
> > This might be easier to read.
> 
> Makes sense, I've changed that. This also seems to be more in line with 
> all the other code.
> While at it I also split the comment alongside it to match, hopefully 
> that makes sense.

The patch is fine from my point of view.

It passes "make check-world".

I'll mark it as "ready for committer".

Yours,
Laurenz Albe




Commits

  1. Add support for security invoker views.

  2. Replace use of deprecated Python module distutils.sysconfig