diff options
| author | Stephen Frost <sfrost@snowman.net> | 2015-09-15 15:49:31 -0400 |
|---|---|---|
| committer | Stephen Frost <sfrost@snowman.net> | 2015-09-15 15:49:31 -0400 |
| commit | 22eaf35c1d247407b7cf1fffb310a26cd9b9ceb1 (patch) | |
| tree | 8cb3df9ac5809a83f0edec142f9d80c129824296 /src/include | |
| parent | 000a21336b8e218deb856f73dc8972073cb8a649 (diff) | |
| download | postgresql-22eaf35c1d247407b7cf1fffb310a26cd9b9ceb1.tar.gz postgresql-22eaf35c1d247407b7cf1fffb310a26cd9b9ceb1.zip | |
RLS refactoring
This refactors rewrite/rowsecurity.c to simplify the handling of the
default deny case (reducing the number of places where we check for and
add the default deny policy from three to one) by splitting up the
retrival of the policies from the application of them.
This also allowed us to do away with the policy_id field. A policy_name
field was added for WithCheckOption policies and is used in error
reporting, when available.
Patch by Dean Rasheed, with various mostly cosmetic changes by me.
Back-patch to 9.5 where RLS was introduced to avoid unnecessary
differences, since we're still in alpha, per discussion with Robert.
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/nodes/parsenodes.h | 1 | ||||
| -rw-r--r-- | src/include/rewrite/rowsecurity.h | 3 |
2 files changed, 2 insertions, 2 deletions
diff --git a/src/include/nodes/parsenodes.h b/src/include/nodes/parsenodes.h index f0dcd2fa6e2..940cc32d36d 100644 --- a/src/include/nodes/parsenodes.h +++ b/src/include/nodes/parsenodes.h @@ -928,6 +928,7 @@ typedef struct WithCheckOption NodeTag type; WCOKind kind; /* kind of WCO */ char *relname; /* name of relation that specified the WCO */ + char *polname; /* name of RLS policy being checked */ Node *qual; /* constraint qual to check */ bool cascaded; /* true for a cascaded WCO on a view */ } WithCheckOption; diff --git a/src/include/rewrite/rowsecurity.h b/src/include/rewrite/rowsecurity.h index 523c56e5982..4af244d3114 100644 --- a/src/include/rewrite/rowsecurity.h +++ b/src/include/rewrite/rowsecurity.h @@ -19,7 +19,6 @@ typedef struct RowSecurityPolicy { - Oid policy_id; /* OID of the policy */ char *policy_name; /* Name of the policy */ char polcmd; /* Type of command policy is for */ ArrayType *roles; /* Array of roles policy is for */ @@ -41,7 +40,7 @@ extern PGDLLIMPORT row_security_policy_hook_type row_security_policy_hook_permis extern PGDLLIMPORT row_security_policy_hook_type row_security_policy_hook_restrictive; -extern void get_row_security_policies(Query *root, CmdType commandType, +extern void get_row_security_policies(Query *root, RangeTblEntry *rte, int rt_index, List **securityQuals, List **withCheckOptions, bool *hasRowSecurity, bool *hasSubLinks); |