diff options
| -rw-r--r-- | doc/src/sgml/ddl.sgml | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/doc/src/sgml/ddl.sgml b/doc/src/sgml/ddl.sgml index fe4efe10426..b3440cbebfa 100644 --- a/doc/src/sgml/ddl.sgml +++ b/doc/src/sgml/ddl.sgml @@ -2757,7 +2757,15 @@ VALUES ('Albany', NULL, NULL, 'NY'); accessed through <structname>cities</>. This preserves the appearance that the data is (also) in the parent table. But the <structname>capitals</structname> table could not be updated directly - without an additional grant. In a similar way, the parent table's row + without an additional grant. Two exceptions to this rule are + <command>TRUNCATE</command> and <command>LOCK TABLE</command>, + where permissions on the child tables are always checked, + whether they are processed directly or recursively via those commands + performed on the parent table. + </para> + + <para> + In a similar way, the parent table's row security policies (see <xref linkend="ddl-rowsecurity">) are applied to rows coming from child tables during an inherited query. A child table's policies, if any, are applied only when it is the table explicitly named |