| From: | Craig Ringer <craig(at)2ndquadrant(dot)com> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: CREATE POLICY and RETURNING |
| Date: | 2014-10-17 06:57:03 |
| Message-ID: | 5440BDBF.8060001@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 10/17/2014 02:49 AM, Robert Haas wrote:
> I think you could probably make the DELETE policy control what can get
> deleted, but then have the SELECT policy further filter what gets
> returned.
That seems like the worst of both worlds to me.
Suddenly DELETE ... RETURNING might delete more rows than it reports a
resultset for. As well as being potentially dangerous for people using
it in wCTEs, etc, to me that's the most astonishing possible outcome of all.
I'd be much happier with even:
ERROR: RETURNING not permitted with SELECT row-security policy
than this.
--
Craig Ringer http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2014-10-17 07:01:05 | Re: printing table in asciidoc with psql |
| Previous Message | Rahila Syed | 2014-10-17 04:52:49 | Re: [REVIEW] Re: Compression of full-page-writes |