Rename pg_rowsecurity -> pg_policy and other fixes
1 /* -------------------------------------------------------------------------
2  *
3  * rowsecurity.h
4  *
5  *    prototypes for rewrite/rowsecurity.c and the structures for managing
6  *    the row security policies for relations in relcache.
7  *
8  * Portions Copyright (c) 1996-2012, PostgreSQL Global Development Group
9  * Portions Copyright (c) 1994, Regents of the University of California
10  *
11  * -------------------------------------------------------------------------
12  */
13 #ifndef ROWSECURITY_H
14 #define ROWSECURITY_H
15
16 #include "nodes/parsenodes.h"
17 #include "utils/array.h"
18 #include "utils/relcache.h"
19
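/*
 * RowSecurityPolicy
 *
 * One row security policy.  Per the file header, these structures are used
 * to manage the row security policies for relations in relcache.
 *
 * qual and with_check_qual are the expressions that decide which rows are
 * filtered out and which rows are allowed, so code that builds or copies
 * this struct has to carry both over unchanged.
 * NOTE(review): how a NULL expression or a NULL roles array is interpreted
 * is decided in rewrite/rowsecurity.c and cannot be seen from this header.
 */
typedef struct RowSecurityPolicy
{
	Oid			policy_id;		/* OID of the policy */
	char	   *policy_name;	/* name of the policy */
	char		cmd;			/* type of command the policy is for; the
								 * encoding of this char is not defined in
								 * this header */
	ArrayType  *roles;			/* array of roles the policy is for */
	Expr	   *qual;			/* expression used to filter rows */
	Expr	   *with_check_qual;	/* expression limiting which rows are
									 * allowed */
	bool		hassublinks;	/* whether the expression has sublinks */
} RowSecurityPolicy;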
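/*
 * RowSecurityDesc
 *
 * Holds a list of row security policies together with a row security
 * memory context.
 * NOTE(review): presumably everything reachable from policies is allocated
 * in rscxt so that the descriptor can be released as a unit -- confirm
 * against the relcache code that builds it.
 */
typedef struct RowSecurityDesc
{
	MemoryContext rscxt;		/* row security memory context */
	List	   *policies;		/* list of row security policies */
} RowSecurityDesc;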
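/*
 * GUC variable.  It is declared as int, not as the enum type, and takes the
 * RowSecurityConfigType values listed below.
 */
extern int	row_security;

/*
 * Possible values for the row_security GUC.
 *
 * The setting changes which roles are subject to row level security, so it
 * is part of the environment a query plan depends on (see the comment on
 * enum CheckEnableRlsResult).
 */
typedef enum RowSecurityConfigType
{
	/*
	 * RLS is never applied.  An error is thrown when the privilege for
	 * that is missing, rather than rows being returned unfiltered.
	 */
	ROW_SECURITY_OFF,

	/* Normal case: RLS is applied for regular users. */
	ROW_SECURITY_ON,

	/* RLS is applied for superusers and table owners as well. */
	ROW_SECURITY_FORCE
} RowSecurityConfigType;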
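/*
 * Used by callers of check_enable_rls.
 *
 * RLS could be completely disabled on the tables involved in the query,
 * which is the simple case, or it may depend on the current environment
 * (the role which is running the query or the value of the row_security
 * GUC: on, off, or force), or it might be simply enabled as usual.
 *
 * If RLS isn't on the table involved then RLS_NONE is returned to indicate
 * that we don't need to worry about invalidating the query plan for RLS
 * reasons.  If RLS is on the table, but we are bypassing it for now, then
 * we return RLS_NONE_ENV to indicate that, if the environment changes,
 * we need to invalidate and replan.  Finally, if RLS should be turned on
 * for the query, then we return RLS_ENABLED, which means we also need to
 * invalidate if the environment changes.
 *
 * The distinction between RLS_NONE and RLS_NONE_ENV matters for safety: a
 * plan made while RLS was being bypassed must not be reused once the role
 * or the row_security setting has changed, so callers must not fold the
 * two values together.
 *
 * Note that this enum has no typedef and that check_enable_rls is declared
 * as returning int.
 */
enum CheckEnableRlsResult
{
	RLS_NONE,					/* no RLS on the table; plan does not depend
								 * on the environment for RLS reasons */
	RLS_NONE_ENV,				/* RLS on the table but bypassed for now;
								 * replan if the environment changes */
	RLS_ENABLED					/* RLS applies to the query; replan if the
								 * environment changes */
};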
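/*
 * Type of the row security policy hook: it is passed the command type and
 * the relation and returns a List.
 * NOTE(review): the element type of the returned list, and how it is
 * combined with the policies defined on the relation, are decided in
 * rewrite/rowsecurity.c and are not visible from this header.
 */
typedef List *(*row_security_policy_hook_type) (CmdType cmdtype,
												Relation relation);

/*
 * The hook variable itself, marked PGDLLIMPORT so that it can be referenced
 * from loadable modules.  Code installed here takes part in deciding which
 * policies apply to a relation, so it should be reviewed with the same care
 * as the policies themselves.
 */
extern PGDLLIMPORT row_security_policy_hook_type row_security_policy_hook;

/*
 * NOTE(review): judging by the name, this adds the row security policies
 * for range table entry rte (at index rt_index) to the query; the meaning
 * of the bool result is not stated in this header -- confirm in
 * rewrite/rowsecurity.c.
 */
extern bool prepend_row_security_policies(Query *root, RangeTblEntry *rte,
										  int rt_index);

/*
 * Returns, as an int, one of the enum CheckEnableRlsResult values declared
 * in this header; the comment on that enum explains what each value
 * requires of the caller regarding plan invalidation.
 * NOTE(review): checkAsUser is presumably the role to evaluate the check
 * for -- confirm against the definition.
 */
extern int	check_enable_rls(Oid relid, Oid checkAsUser);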
80
81 #endif  /* ROWSECURITY_H */