]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 98efa76) | patch
Doc: fix oversimplified example for CREATE POLICY.
authorTom Lane <tgl@sss.pgh.pa.us>
Mon, 30 Jul 2018 15:54:41 +0000 (11:54 -0400)
committerTom Lane <tgl@sss.pgh.pa.us>
Mon, 30 Jul 2018 15:54:41 +0000 (11:54 -0400)
commit9295d7cf50fbcf1f2be19f835c9b2b1f0186fd9b
treec2e35183286c8415f29b6003a34c1ae2c5daf601tree | snapshot
parent98efa76fe313f62f84b94cd1f46c913c221b41fecommit | diff
Doc: fix oversimplified example for CREATE POLICY.

As written, this policy constrained only the post-image not the pre-image
of rows, meaning that users could delete other users' rows or take
ownership of such rows, contrary to what the docs claimed would happen.
We need two separate policies to achieve the documented effect.

While at it, try to explain what's happening a bit more fully.

Per report from Олег Самойлов.  Back-patch to 9.5 where this was added.
Thanks to Stephen Frost for off-list discussion.

Discussion: https://postgr.es/m/3298321532002010@sas1-2b3c3045b736.qloud-c.yandex.net
doc/src/sgml/ddl.sgml diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.