Adam Brightwell <adam.brightw...@crunchydatasolutions.com> writes: > Through this effort, we have concluded that for RLS the case of > invalidating a plan is only necessary when switching between a superuser > and a non-superuser. Obviously, re-planning on every role change would be > too costly, but this approach should help minimize that cost. As well, > there were not any cases outside of this one that were immediately apparent > with respect to RLS that would require re-planning on a per userid basis.
Hm ... I'm not following why we'd need a special case for superusers and not anyone else? Seems like any useful RLS scheme is going to require more privilege levels than just superuser and not-superuser. Could we put the "if superuser then ok" test into the RLS condition test and thereby not need more than one plan at all? regards, tom lane -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers