]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8978eb0) | patch
Adjust behavior of row_security GUC to match the docs.
authorTom Lane <tgl@sss.pgh.pa.us>
Mon, 4 Jan 2016 17:21:31 +0000 (12:21 -0500)
committerTom Lane <tgl@sss.pgh.pa.us>
Mon, 4 Jan 2016 17:21:41 +0000 (12:21 -0500)
commit5d35438273c4523a4dc4b48c3bd575e64310d3d4
tree85d72efc1307a3f7276666caba80469ce6eaedfetree | snapshot
parent8978eb03a8dcfafd9e0839bc430749839476c34acommit | diff
Adjust behavior of row_security GUC to match the docs.

Some time back we agreed that row_security=off should not be a way to
bypass RLS entirely, but only a way to get an error if it was being
applied.  However, the code failed to act that way for table owners.
Per discussion, this is a must-fix bug for 9.5.0.

Adjust the logic in rls.c to behave as expected; also, modify the
error message to be more consistent with the new interpretation.
The regression tests need minor corrections as well.  Also update
the comments about row_security in ddl.sgml to be correct.  (The
official description of the GUC in config.sgml is already correct.)

I failed to resist the temptation to do some other very minor
cleanup as well, such as getting rid of a duplicate extern declaration.
doc/src/sgml/ddl.sgml diff | blob | history
src/backend/utils/misc/rls.c diff | blob | history
src/test/regress/expected/rowsecurity.out diff | blob | history
src/test/regress/sql/rowsecurity.sql diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.