NotificationsYou must be signed in to change notification settings
Fork5
Star27

Commit6550b90

committed

Code review for row security.

Buildfarm member tick identified an issue where the policies in therelcache for a relation were were being replaced underneath a runningquery, leading to segfaults while processing the policies to be addedto a query. Similar to how TupleDesc RuleLocks are handled, add in aequalRSDesc() function to check if the policies have actually changedand, if not, swap back the rsdesc field (using the original instead ofthe temporairly built one; the whole structure is swapped and thenspecific fields swapped back). This now passes a CLOBBER_CACHE_ALWAYSfor me and should resolve the buildfarm error.In addition to addressing this, add a new chapter in Data Definitionunder Privileges which explains row security and provides examples ofits usage, change \d to always list policies (even if row security isdisabled- but note that it is disabled, or enabled with no policies),rework check_role_for_policy (it really didn't need the entire policy,but it did need to be using has_privs_of_role()), and change the fieldin pg_class to relrowsecurity from relhasrowsecurity, based onHeikki's suggestion. Also from Heikki, only issue SET ROW_SECURITY inpg_restore when talking to a 9.5+ server, list Bypass RLS in \du, anddocument --enable-row-security options for pg_dump and pg_restore.Lastly, fix a number of minor whitespace and typo issues from Heikki,Dimitri, add a missing #include, per Peter E, fix a few minorvariable-assigned-but-not-used and resource leak issues from Coverityand add tab completion for role attribute bypassrls as well.

1 parent3f6f926 commit6550b90Copy full SHA for 6550b90

File tree

24 files changed

+439

-122

lines changed

doc/src/sgml
src
- backend
  - catalog
    - heap.c
    - system_views.sql
  - commands
    - policy.c
    - tablecmds.c
  - rewrite
    - rowsecurity.c
  - utils
    - adt
      - ri_triggers.c
    - cache
      - relcache.c
- bin
  - pg_dump
  - psql
    - describe.c
    - tab-complete.c
- include
  - catalog
    - catversion.h
    - pg_class.h
  - commands
    - policy.h
- test/regress/expected
  - rules.out

24 files changed

+439

-122

lines changed

`‎doc/src/sgml/catalogs.sgml‎`

Lines changed: 6 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -1941,8 +1941,9 @@`
`1941`	`1941`	`</row>`
`1942`	`1942`
`1943`	`1943`	`<row>`
`1944`		`- <entry><structfield>relhasrowsecurity</structfield></entry>`
	`1944`	`+ <entry><structfield>relrowsecurity</structfield></entry>`
`1945`	`1945`	`<entry><type>bool</type></entry>`
	`1946`	`+ <entry></entry>`
`1946`	`1947`	`<entry>`
`1947`	`1948`	`True if table has row-security enabled; see`
`1948`	`1949`	`<link linkend="catalog-pg-rowsecurity"><structname>pg_rowsecurity</structname></link> catalog`
`@@ -5415,7 +5416,7 @@`
`5415`	`5416`
`5416`	`5417`	`<note>`
`5417`	`5418`	`<para>`
`5418`		`- <literal>pg_class.relhasrowsecurity</literal>`
	`5419`	`+ <literal>pg_class.relrowsecurity</literal>`
`5419`	`5420`	`True if the table has row-security enabled.`
`5420`	`5421`	`Must be true if the table has a row-security policy in this catalog.`
`5421`	`5422`	`</para>`
`@@ -9228,10 +9229,10 @@ SELECT * FROM pg_locks pl LEFT JOIN pg_prepared_xacts ppx`
`9228`	`9229`	`<entry>True if table has (or once had) triggers</entry>`
`9229`	`9230`	`</row>`
`9230`	`9231`	`<row>`
`9231`		`- <entry><structfield>hasrowsecurity</structfield></entry>`
	`9232`	`+ <entry><structfield>rowsecurity</structfield></entry>`
`9232`	`9233`	`<entry><type>boolean</type></entry>`
`9233`		`- <entry><literal><link linkend="catalog-pg-class"><structname>pg_class</structname></link>.relhasrowsecurity</literal></entry>`
`9234`		`- <entry>True iftable hasrow security enabled</entry>`
	`9234`	`+ <entry><literal><link linkend="catalog-pg-class"><structname>pg_class</structname></link>.relrowsecurity</literal></entry>`
	`9235`	`+ <entry>True if row securityisenabled on the table</entry>`
`9235`	`9236`	`</row>`
`9236`	`9237`	`</tbody>`
`9237`	`9238`	`</tgroup>`

`‎doc/src/sgml/config.sgml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -5457,9 +5457,9 @@ COPY postgres_log FROM '/full/path/to/logfile.csv' WITH csv;`
`5457`	`5457`
`5458`	`5458`	`<para>`
`5459`	`5459`	`The allowed values of <varname>row_security</> are`
`5460`		`- <literal>on</> (apply normally- not to superuser or table owner),`
	`5460`	`+ <literal>on</> (apply normally- not to superuser or table owner),`
`5461`	`5461`	`<literal>off</> (fail if row security would be applied), and`
`5462`		`- <literal>force</> (apply always- even to superuser and table owner).`
	`5462`	`+ <literal>force</> (apply always- even to superuser and table owner).`
`5463`	`5463`	`</para>`
`5464`	`5464`
`5465`	`5465`	`<para>`

`‎doc/src/sgml/ddl.sgml‎`

Lines changed: 168 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -1508,6 +1508,174 @@ REVOKE ALL ON accounts FROM PUBLIC;`
`1508`	`1508`	`</para>`
`1509`	`1509`	`</sect1>`
`1510`	`1510`
	`1511`	`+ <sect1 id="ddl-rowsecurity">`
	`1512`	`+ <title>Row Security Policies</title>`
	`1513`	`+`
	`1514`	`+ <indexterm zone="ddl-rowsecurity">`
	`1515`	`+ <primary>rowsecurity</primary>`
	`1516`	`+ </indexterm>`
	`1517`	`+`
	`1518`	`+ <indexterm zone="ddl-rowsecurity">`
	`1519`	`+ <primary>rls</primary>`
	`1520`	`+ </indexterm>`
	`1521`	`+`
	`1522`	`+ <indexterm>`
	`1523`	`+ <primary>policies</primary>`
	`1524`	`+ <see>policy</see>`
	`1525`	`+ </indexterm>`
	`1526`	`+`
	`1527`	`+ <indexterm zone="ddl-rowsecurity">`
	`1528`	`+ <primary>POLICY</primary>`
	`1529`	`+ </indexterm>`
	`1530`	`+`
	`1531`	`+ <para>`
	`1532`	`+ In addition to the <xref linkend="ddl-priv"> system available through`
	`1533`	`+ <xref linkend="sql-grant">, tables can have row security policies`
	`1534`	`+ which limit the rows returned for normal queries and rows which can`
	`1535`	`+ be added through data modification commands. By default, tables do`
	`1536`	`+ not have any policies and all rows are visible and able to be added,`
	`1537`	`+ subject to the regular <xref linkend="ddl-priv"> system. This is`
	`1538`	`+ also known to as Row Level Security.`
	`1539`	`+ </para>`
	`1540`	`+`
	`1541`	`+ <para>`
	`1542`	`+ When row security is enabled on a table with`
	`1543`	`+ <xref linkend="sql-altertable">, all normal access to the table`
	`1544`	`+ (excluding the owner) for selecting rows or adding rows must be through`
	`1545`	`+ a policy. If no policy exists for the table, a default-deny policy is`
	`1546`	`+ used and no rows are visible or can be added. Privileges which operate`
	`1547`	`+ at the whole table level such as <literal>TRUNCATE</>, and`
	`1548`	`+ <literal>REFERENCES</> are not subject to row security.`
	`1549`	`+ </para>`
	`1550`	`+`
	`1551`	`+ <para>`
	`1552`	`+ Row security policies can be specific to commands, or to roles, or to`
	`1553`	`+ both. The commands available are <literal>SELECT</>, <literal>INSERT</>,`
	`1554`	`+ <literal>UPDATE</>, and <literal>DELETE</>. Multiple roles can be`
	`1555`	`+ assigned to a given policy and normal role membership and inheiritance`
	`1556`	`+ rules apply.`
	`1557`	`+ </para>`
	`1558`	`+`
	`1559`	`+ <para>`
	`1560`	`+ To specify which rows are visible and what rows can be added to the`
	`1561`	`+ table with row security, an expression is required which returns a`
	`1562`	`+ boolean result. This expression will be evaluated for each row prior`
	`1563`	`+ to other conditionals or functions which are part of the query. The`
	`1564`	`+ one exception to this rule are <literal>leakproof</literal> functions,`
	`1565`	`+ which are guaranteed to not leak information. Two expressions may be`
	`1566`	`+ specified to provide independent control over the rows which are`
	`1567`	`+ visible and the rows which are allowed to be added. The expression`
	`1568`	`+ is run as part of the query and with the privileges of the user`
	`1569`	`+ running the query, however, security definer functions can be used in`
	`1570`	`+ the expression.`
	`1571`	`+ </para>`
	`1572`	`+`
	`1573`	`+ <para>`
	`1574`	`+ Enabling and disabling row security, as well as adding policies to a`
	`1575`	`+ table, is always the privilege of the owner only.`
	`1576`	`+ </para>`
	`1577`	`+`
	`1578`	`+ <para>`
	`1579`	`+ Policies are created using the <xref linkend="sql-createpolicy">`
	`1580`	`+ command, altered using the <xref linkend="sql-alterpolicy"> command,`
	`1581`	`+ and dropped using the <xref linkend="sql-droppolicy"> command. To`
	`1582`	`+ enable and disable row security for a given table, use the`
	`1583`	`+ <xref linkend="sql-altertable"> command.`
	`1584`	`+ </para>`
	`1585`	`+`
	`1586`	`+ <para>`
	`1587`	`+ The table owners and superusers bypass the row security system when`
	`1588`	`+ querying a table, by default. Row security can be enabled for`
	`1589`	`+ superusers and table owners by setting`
	`1590`	`+ <xref linkend="guc-row-security"> to <literal>force</literal>. Any`
	`1591`	`+ user can request that row security be bypassed by setting`
	`1592`	`+ <xref linkend="guc-row-security"> to <literal>off</literal>. If`
	`1593`	`+ the user does not have privileges to bypass row security when`
	`1594`	`+ querying a given table then an error will be returned instead. Other`
	`1595`	`+ users can be granted the ability to bypass the row security system`
	`1596`	`+ with the <literal>BYPASSRLS</literal> role attribute. This`
	`1597`	`+ attribute can only be set by a superuser.`
	`1598`	`+ </para>`
	`1599`	`+`
	`1600`	`+ <para>`
	`1601`	`+ Each policy has a name and multiple policies can be defined for a`
	`1602`	`+ table. As policies are table-specific, each policy for a table must`
	`1603`	`+ have a unique name. Different tables may have policies with the`
	`1604`	`+ same name.`
	`1605`	`+ </para>`
	`1606`	`+`
	`1607`	`+ <para>`
	`1608`	`+ When multiple policies apply to a given query, they are combined using`
	`1609`	`+ <literal>OR</literal>, similar to how a given role has the privileges`
	`1610`	`+ of all roles which they are a member of.`
	`1611`	`+ </para>`
	`1612`	`+`
	`1613`	`+ <para>`
	`1614`	`+ Referential integrity checks, such as unique or primary key constraints`
	`1615`	`+ and foreign key references, will bypass row security to ensure that`
	`1616`	`+ data integrity is maintained. Care must be taken when developing`
	`1617`	`+ schemas and row level policies to avoid a "covert channel" leak of`
	`1618`	`+ information through these referntial integrity checks.`
	`1619`	`+ </para>`
	`1620`	`+`
	`1621`	`+ <para>`
	`1622`	`+ To enable row security for a table,`
	`1623`	`+ the <command>ALTER TABLE</command> is used. For example, to enable`
	`1624`	`+ row level security for the table accounts, use:`
	`1625`	`+ </para>`
	`1626`	`+`
	`1627`	`+<programlisting>`
	`1628`	`+-- Create the table first`
	`1629`	`+CREATE TABLE accounts (manager text, company text, contact_email text);`
	`1630`	`+ALTER TABLE accounts ENABLE ROW LEVEL SECURITY;`
	`1631`	`+</programlisting>`
	`1632`	`+`
	`1633`	`+ <para>`
	`1634`	`+ To create a policy on the account relation to allow the managers role`
	`1635`	`+ to view the rows of their accounts, the <command>CREATE POLICY</command>`
	`1636`	`+ command can be used:`
	`1637`	`+ </para>`
	`1638`	`+`
	`1639`	`+<programlisting>`
	`1640`	`+CREATE POLICY account_managers ON accounts TO managers`
	`1641`	`+ USING (manager = current_user);`
	`1642`	`+</programlisting>`
	`1643`	`+`
	`1644`	`+ <para>`
	`1645`	`+ If no role is specified, or the special <quote>user</quote> name`
	`1646`	`+ <literal>PUBLIC</literal> is used, then the policy applies to all`
	`1647`	`+ users on the system. To allow all users to view their own row in`
	`1648`	`+ a user table, a simple policy can be used:`
	`1649`	`+ </para>`
	`1650`	`+`
	`1651`	`+<programlisting>`
	`1652`	`+CREATE POLICY user_policy ON users`
	`1653`	`+ USING (user = current_user);`
	`1654`	`+</programlisting>`
	`1655`	`+`
	`1656`	`+ <para>`
	`1657`	`+ To use a different policy for rows which are being added to the`
	`1658`	`+ table from those rows which are visible, the WITH CHECK clause`
	`1659`	`+ can be used. This would allow all users to view all rows in the`
	`1660`	`+ users table, but only modify their own:`
	`1661`	`+ </para>`
	`1662`	`+`
	`1663`	`+<programlisting>`
	`1664`	`+CREATE POLICY user_policy ON users`
	`1665`	`+ USING (true)`
	`1666`	`+ WITH CHECK (user = current_user);`
	`1667`	`+</programlisting>`
	`1668`	`+`
	`1669`	`+ <para>`
	`1670`	`+ Row security can be disabled with the <command>ALTER TABLE</command>`
	`1671`	`+ also. Note that disabling row security does not remove the`
	`1672`	`+ policies which are defined on the table, they are simply ignored`
	`1673`	`+ and all rows are visible and able to be added, subject to the`
	`1674`	`+ normal privileges system.`
	`1675`	`+ </para>`
	`1676`	`+`
	`1677`	`+ </sect1>`
	`1678`	`+`
`1511`	`1679`	`<sect1 id="ddl-schemas">`
`1512`	`1680`	`<title>Schemas</title>`
`1513`	`1681`

`‎doc/src/sgml/ref/alter_table.sgml‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -429,7 +429,7 @@ ALTER TABLE ALL IN TABLESPACE <replaceable class="PARAMETER">name</replaceable>`
`429`	`429`	`These forms control the application of row security policies belonging`
`430`	`430`	`to the table. If enabled and no policies exist for the table, then a`
`431`	`431`	`default-deny policy is applied. Note that policies can exist for a table`
`432`		`- even if row level security is disabled- in this case, the policies will`
	`432`	`+ even if row level security is disabled- in this case, the policies will`
`433`	`433`	`NOT be applied and the policies will be ignored.`
`434`	`434`	`See also`
`435`	`435`	`<xref linkend="SQL-CREATEPOLICY">.`

`‎doc/src/sgml/ref/create_policy.sgml‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -240,7 +240,7 @@ CREATE POLICY <replaceable class="parameter">name</replaceable> ON <replaceable`
`240`	`240`	`</varlistentry>`
`241`	`241`
`242`	`242`	`<varlistentry id="SQL-CREATEPOLICY-UPDATE">`
`243`		`- <term><literal>DELETE</></term>`
	`243`	`+ <term><literal>UPDATE</></term>`
`244`	`244`	`<listitem>`
`245`	`245`	`<para>`
`246`	`246`	`Using <literal>UPDATE</literal> for a policy means that it will apply`

`‎doc/src/sgml/ref/pg_dump.sgml‎`

Lines changed: 17 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -687,6 +687,23 @@ PostgreSQL documentation`
`687`	`687`	`</listitem>`
`688`	`688`	`</varlistentry>`
`689`	`689`
	`690`	`+ <varlistentry>`
	`691`	`+ <term><option>--enable-row-security</></term>`
	`692`	`+ <listitem>`
	`693`	`+ <para>`
	`694`	`+ This option is relevant only when dumping the contents of a table`
	`695`	`+ which has row security. By default, pg_dump will set`
	`696`	`+ <literal>ROW_SECURITY</literal> to <literal>OFF</literal>, to ensure`
	`697`	`+ that all data is dumped from the table. If the user does not have`
	`698`	`+ sufficient privileges to bypass row security, then an error is thrown.`
	`699`	`+ This parameter instructs <application>pg_dump</application> to set`
	`700`	`+ row_security to 'ON' instead, allowing the user to dump the contents`
	`701`	`+ of the table which they have access to.`
	`702`	`+ </para>`
	`703`	`+`
	`704`	`+ </listitem>`
	`705`	`+ </varlistentry>`
	`706`	`+`
`690`	`707`	`<varlistentry>`
`691`	`708`	`<term><option>--exclude-table-data=<replaceable class="parameter">table</replaceable></option></term>`
`692`	`709`	`<listitem>`

`‎doc/src/sgml/ref/pg_restore.sgml‎`

Lines changed: 23 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -490,6 +490,29 @@`
`490`	`490`	`</listitem>`
`491`	`491`	`</varlistentry>`
`492`	`492`
	`493`	`+ <varlistentry>`
	`494`	`+ <term><option>--enable-row-security</></term> <listitem>`
	`495`	`+ <para>`
	`496`	`+ This option is relevant only when restoring the contents of a table`
	`497`	`+ which has row security. By default, pg_restore will set`
	`498`	`+ <literal>ROW_SECURITY</literal> to <literal>OFF</literal>, to ensure`
	`499`	`+ that all data is restored in to the table. If the user does not have`
	`500`	`+ sufficient privileges to bypass row security, then an error is thrown.`
	`501`	`+ This parameter instructs <application>pg_restore</application> to set`
	`502`	`+ row_security to 'ON' instead, allowing the user to attempt to restore`
	`503`	`+ the contents of the table with row security enabled. This may still`
	`504`	`+ fail if the user does not have the right to insert the rows from the`
	`505`	`+ dump into the table.`
	`506`	`+ </para>`
	`507`	`+`
	`508`	`+ <para>`
	`509`	`+ Note that this option currently also requires the dump be in INSERT`
	`510`	`+ format as COPY TO does not support row security.`
	`511`	`+ </para>`
	`512`	`+`
	`513`	`+ </listitem>`
	`514`	`+ </varlistentry>`
	`515`	`+`
`493`	`516`	`<varlistentry>`
`494`	`517`	`<term><option>--if-exists</option></term>`
`495`	`518`	`<listitem>`

`‎src/backend/catalog/heap.c‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -799,7 +799,7 @@ InsertPgClassTuple(Relation pg_class_desc,`
`799`	`799`	`values[Anum_pg_class_relhaspkey-1]=BoolGetDatum(rd_rel->relhaspkey);`
`800`	`800`	`values[Anum_pg_class_relhasrules-1]=BoolGetDatum(rd_rel->relhasrules);`
`801`	`801`	`values[Anum_pg_class_relhastriggers-1]=BoolGetDatum(rd_rel->relhastriggers);`
`802`		`-values[Anum_pg_class_relhasrowsecurity-1]=BoolGetDatum(rd_rel->relhasrowsecurity);`
	`802`	`+values[Anum_pg_class_relrowsecurity-1]=BoolGetDatum(rd_rel->relrowsecurity);`
`803`	`803`	`values[Anum_pg_class_relhassubclass-1]=BoolGetDatum(rd_rel->relhassubclass);`
`804`	`804`	`values[Anum_pg_class_relispopulated-1]=BoolGetDatum(rd_rel->relispopulated);`
`805`	`805`	`values[Anum_pg_class_relreplident-1]=CharGetDatum(rd_rel->relreplident);`

`‎src/backend/catalog/system_views.sql‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -119,7 +119,7 @@ CREATE VIEW pg_tables AS`
`119`	`119`	`C.relhasindexAS hasindexes,`
`120`	`120`	`C.relhasrulesAS hasrules,`
`121`	`121`	`C.relhastriggersAS hastriggers,`
`122`		`-C.relhasrowsecurityAShasrowsecurity`
	`122`	`+C.relrowsecurityASrowsecurity`
`123`	`123`	`FROM pg_class CLEFT JOIN pg_namespace NON (N.oid=C.relnamespace)`
`124`	`124`	`LEFT JOIN pg_tablespace TON (T.oid=C.reltablespace)`
`125`	`125`	`WHEREC.relkind='r';`

`‎src/backend/commands/policy.c‎`

Lines changed: 8 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -108,7 +108,7 @@ parse_row_security_command(const char *cmd_name)`
`108`	`108`	`charcmd;`
`109`	`109`
`110`	`110`	`if (!cmd_name)`
`111`		`-elog(ERROR,"Unregonized command.");`
	`111`	`+elog(ERROR,"unregonized command");`
`112`	`112`
`113`	`113`	`if (strcmp(cmd_name,"all")==0)`
`114`	`114`	`cmd=0;`
`@@ -121,8 +121,7 @@ parse_row_security_command(const char *cmd_name)`
`121`	`121`	`elseif (strcmp(cmd_name,"delete")==0)`
`122`	`122`	`cmd=ACL_DELETE_CHR;`
`123`	`123`	`else`
`124`		`-elog(ERROR,"Unregonized command.");`
`125`		`-/* error unrecognized command */`
	`124`	`+elog(ERROR,"unregonized command");`
`126`	`125`
`127`	`126`	`returncmd;`
`128`	`127`	`}`
`@@ -422,8 +421,8 @@ RemovePolicyById(Oid policy_id)`
`422`	`421`	`heap_close(rel,AccessExclusiveLock);`
`423`	`422`
`424`	`423`	`/*`
`425`		`- * Note that, unlike some of the other flags in pg_class,relhasrowsecurity`
`426`		`- * is not just an indication of if policies exist. Whenrelhasrowsecurity`
	`424`	`+ * Note that, unlike some of the other flags in pg_class,relrowsecurity`
	`425`	`+ * is not just an indication of if policies exist. Whenrelrowsecurity`
`427`	`426`	`* is set (which can be done directly by the user or indirectly by creating`
`428`	`427`	`* a policy on the table), then all access to the relation must be through`
`429`	`428`	`* a policy. If no policy is defined for the relation then a default-deny`
`@@ -484,7 +483,7 @@ CreatePolicy(CreatePolicyStmt *stmt)`
`484`	`483`	`if (rseccmd==ACL_INSERT_CHR&&stmt->qual!=NULL)`
`485`	`484`	`ereport(ERROR,`
`486`	`485`	`(errcode(ERRCODE_SYNTAX_ERROR),`
`487`		`-errmsg("Only WITH CHECK expression allowed for INSERT")));`
	`486`	`+errmsg("only WITH CHECK expression allowed for INSERT")));`
`488`	`487`
`489`	`488`
`490`	`489`	`/* Collect role ids */`
`@@ -731,7 +730,7 @@ AlterPolicy(AlterPolicyStmt *stmt)`
`731`	`730`	`if (!HeapTupleIsValid(rsec_tuple))`
`732`	`731`	`ereport(ERROR,`
`733`	`732`	`(errcode(ERRCODE_UNDEFINED_OBJECT),`
`734`		`-errmsg("policy'%s' for does not existon table%s",`
	`733`	`+errmsg("policy\"%s\"on table\"%s\" does not exist",`
`735`	`734`	`stmt->policy_name,`
`736`	`735`	`RelationGetRelationName(target_table))));`
`737`	`736`
`@@ -850,7 +849,7 @@ rename_policy(RenameStmt *stmt)`
`850`	`849`
`851`	`850`	`pg_rowsecurity_rel=heap_open(RowSecurityRelationId,RowExclusiveLock);`
`852`	`851`
`853`		`-/* First pass- check for conflict */`
	`852`	`+/* First pass -- check for conflict */`
`854`	`853`
`855`	`854`	`/* Add key - row security relation id. */`
`856`	`855`	`ScanKeyInit(&skey[0],`
`@@ -868,7 +867,7 @@ rename_policy(RenameStmt *stmt)`
`868`	`867`	`RowSecurityRelidPolnameIndexId, true,NULL,2,`
`869`	`868`	`skey);`
`870`	`869`
`871`		`-if (HeapTupleIsValid(rsec_tuple=systable_getnext(sscan)))`
	`870`	`+if (HeapTupleIsValid(systable_getnext(sscan)))`
`872`	`871`	`ereport(ERROR,`
`873`	`872`	`(errcode(ERRCODE_DUPLICATE_OBJECT),`
`874`	`873`	`errmsg("row-policy \"%s\" for table \"%s\" already exists",`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit6550b90

File tree

24 files changed

24 files changed

`‎doc/src/sgml/catalogs.sgml‎`

`‎doc/src/sgml/config.sgml‎`

`‎doc/src/sgml/ddl.sgml‎`

`‎doc/src/sgml/ref/alter_table.sgml‎`

`‎doc/src/sgml/ref/create_policy.sgml‎`

`‎doc/src/sgml/ref/pg_dump.sgml‎`

`‎doc/src/sgml/ref/pg_restore.sgml‎`

`‎src/backend/catalog/heap.c‎`

`‎src/backend/catalog/system_views.sql‎`

`‎src/backend/commands/policy.c‎`

0 commit comments