This is an automated email from the ASF dual-hosted git repository. github-bot pushed a commit to branch gh-readonly-queue/main/pr-2169-3c7ecf3dc9fef865788a3f2004cb6987b2b7f60c in repository https://gitbox.apache.org/repos/asf/datafusion-sqlparser-rs.git
commit a175cdb067ca37098ab0761999f4c2be7387aaa7 Author: isaacparker0 <[email protected]> AuthorDate: Sat Jan 24 06:15:28 2026 -0500 PostgreSQL: Support force row level security (#2169) --- src/ast/ddl.rs | 18 ++++++++++++++++++ src/ast/spans.rs | 2 ++ src/parser/mod.rs | 15 +++++++++++++++ tests/sqlparser_postgres.rs | 2 ++ 4 files changed, 37 insertions(+) diff --git a/src/ast/ddl.rs b/src/ast/ddl.rs index fcd14b6d..3a5cd32b 100644 --- a/src/ast/ddl.rs +++ b/src/ast/ddl.rs @@ -192,6 +192,7 @@ pub enum AlterTableOperation { /// `DISABLE ROW LEVEL SECURITY` /// /// Note: this is a PostgreSQL-specific operation. + /// Please refer to [PostgreSQL documentation](https://www.postgresql.org/docs/current/sql-altertable.html) DisableRowLevelSecurity, /// `DISABLE RULE rewrite_rule_name` /// @@ -318,7 +319,18 @@ pub enum AlterTableOperation { /// `ENABLE ROW LEVEL SECURITY` /// /// Note: this is a PostgreSQL-specific operation. + /// Please refer to [PostgreSQL documentation](https://www.postgresql.org/docs/current/sql-altertable.html) EnableRowLevelSecurity, + /// `FORCE ROW LEVEL SECURITY` + /// + /// Note: this is a PostgreSQL-specific operation. + /// Please refer to [PostgreSQL documentation](https://www.postgresql.org/docs/current/sql-altertable.html) + ForceRowLevelSecurity, + /// `NO FORCE ROW LEVEL SECURITY` + /// + /// Note: this is a PostgreSQL-specific operation. + /// Please refer to [PostgreSQL documentation](https://www.postgresql.org/docs/current/sql-altertable.html) + NoForceRowLevelSecurity, /// `ENABLE RULE rewrite_rule_name` /// /// Note: this is a PostgreSQL-specific operation. @@ -876,6 +888,12 @@ impl fmt::Display for AlterTableOperation { AlterTableOperation::EnableRowLevelSecurity => { write!(f, "ENABLE ROW LEVEL SECURITY") } + AlterTableOperation::ForceRowLevelSecurity => { + write!(f, "FORCE ROW LEVEL SECURITY") + } + AlterTableOperation::NoForceRowLevelSecurity => { + write!(f, "NO FORCE ROW LEVEL SECURITY") + } AlterTableOperation::EnableRule { name } => { write!(f, "ENABLE RULE {name}") } diff --git a/src/ast/spans.rs b/src/ast/spans.rs index 58d70a87..126e587a 100644 --- a/src/ast/spans.rs +++ b/src/ast/spans.rs @@ -1121,6 +1121,8 @@ impl Spanned for AlterTableOperation { AlterTableOperation::EnableReplicaRule { name } => name.span, AlterTableOperation::EnableReplicaTrigger { name } => name.span, AlterTableOperation::EnableRowLevelSecurity => Span::empty(), + AlterTableOperation::ForceRowLevelSecurity => Span::empty(), + AlterTableOperation::NoForceRowLevelSecurity => Span::empty(), AlterTableOperation::EnableRule { name } => name.span, AlterTableOperation::EnableTrigger { name } => name.span, AlterTableOperation::RenamePartitions { diff --git a/src/parser/mod.rs b/src/parser/mod.rs index 8d021af8..55fec678 100644 --- a/src/parser/mod.rs +++ b/src/parser/mod.rs @@ -9825,6 +9825,21 @@ impl<'a> Parser<'a> { self.peek_token(), ); } + } else if self.parse_keywords(&[ + Keyword::FORCE, + Keyword::ROW, + Keyword::LEVEL, + Keyword::SECURITY, + ]) { + AlterTableOperation::ForceRowLevelSecurity + } else if self.parse_keywords(&[ + Keyword::NO, + Keyword::FORCE, + Keyword::ROW, + Keyword::LEVEL, + Keyword::SECURITY, + ]) { + AlterTableOperation::NoForceRowLevelSecurity } else if self.parse_keywords(&[Keyword::CLEAR, Keyword::PROJECTION]) && dialect_of!(self is ClickHouseDialect|GenericDialect) { diff --git a/tests/sqlparser_postgres.rs b/tests/sqlparser_postgres.rs index 7c194c1c..6a4b78b5 100644 --- a/tests/sqlparser_postgres.rs +++ b/tests/sqlparser_postgres.rs @@ -640,6 +640,8 @@ fn parse_alter_table_enable() { pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE REPLICA TRIGGER trigger_name"); pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE REPLICA RULE rule_name"); pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE ROW LEVEL SECURITY"); + pg_and_generic().verified_stmt("ALTER TABLE tab FORCE ROW LEVEL SECURITY"); + pg_and_generic().verified_stmt("ALTER TABLE tab NO FORCE ROW LEVEL SECURITY"); pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE RULE rule_name"); pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE TRIGGER ALL"); pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE TRIGGER USER"); --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
