Adam Brightwell <adam.brightw...@crunchydatasolutions.com> writes:
> Through this effort, we have concluded that for RLS the case of
> invalidating a plan is only necessary when switching between a superuser
> and a non-superuser. Obviously, re-planning on every role change would be
> too costly, but this approach should help minimize that cost. As well,
> there were not any cases outside of this one that were immediately apparent
> with respect to RLS that would require re-planning on a per userid basis.
Hm ... I'm not following why we'd need a special case for superusers and
not anyone else? Seems like any useful RLS scheme is going to require
more privilege levels than just superuser and not-superuser.
Could we put the "if superuser then ok" test into the RLS condition test
and thereby not need more than one plan at all?
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
