From 9c55391f0f277318c754f89950e65363ede4136e Mon Sep 17 00:00:00 2001 From: Dean Rasheed Date: Fri, 24 Nov 2017 14:14:40 +0000 Subject: [PATCH] RLS comment fixes. The comments in get_policies_for_relation() say that CREATE POLICY does not support defining restrictive policies. This is no longer true, starting from PG10. --- src/backend/rewrite/rowsecurity.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/src/backend/rewrite/rowsecurity.c b/src/backend/rewrite/rowsecurity.c index a0cd6b1075..5bd33f7ba4 100644 --- a/src/backend/rewrite/rowsecurity.c +++ b/src/backend/rewrite/rowsecurity.c @@ -408,11 +408,7 @@ get_policies_for_relation(Relation relation, CmdType cmd, Oid user_id, *permissive_policies = NIL; *restrictive_policies = NIL; - /* - * First find all internal policies for the relation. CREATE POLICY does - * not currently support defining restrictive policies, so for now all - * internal policies are permissive. - */ + /* First find all internal policies for the relation. */ foreach(item, relation->rd_rsdesc->policies) { bool cmd_matches = false; @@ -450,7 +446,7 @@ get_policies_for_relation(Relation relation, CmdType cmd, Oid user_id, } /* - * Add this policy to the list of permissive policies if it applies to + * Add this policy to the relevant list of policies if it applies to * the specified role. */ if (cmd_matches && check_role_for_policy(policy->roles, user_id)) -- 2.40.0