Re: [v9.4] row level security

Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> writes:
> 2013/9/4 Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>:
>> And for insert/update/delete, we do what exactly?

> Regarding to update/delete, this patch also enhanced to allow update or
> delete mechanism allows to take a sub-query on top of the table scan plan.

> So, its explain output shows as follows:

> postgres=> EXPLAIN (costs off) UPDATE customer SET email = 'alice(at)example(dot)com';
> QUERY PLAN
> --------------------------------------------------
> Update on customer
> -> Subquery Scan on customer
> -> Seq Scan on customer customer_1
> Filter: ("current_user"() = uname)

> You can see this update has Subquery plan instead of regular relation scan.

Really? That wasn't apparent from reading the patch. (Have I mentioned
it's desperately underdocumented? Aside from needing a lot more in-code
comments than it's got, it would benefit from having an overview section
added to optimizer/README explaining stuff at the level of this
discussion.)

I'm a bit surprised that setrefs.c doesn't eliminate the Subquery Scan as
being a no-op, given that no quals end up getting applied at that level.
You might look into why not, since if that plan node were eliminated at
the end, it'd fix any efficiency complaints about this approach.

regards, tom lane