On 2014-10-17 14:57:03 +0800, Craig Ringer wrote: > On 10/17/2014 02:49 AM, Robert Haas wrote: > > I think you could probably make the DELETE policy control what can get > > deleted, but then have the SELECT policy further filter what gets > > returned. > > That seems like the worst of both worlds to me. > > Suddenly DELETE ... RETURNING might delete more rows than it reports a > resultset for. As well as being potentially dangerous for people using > it in wCTEs, etc, to me that's the most astonishing possible outcome of all. > > I'd be much happier with even: > > ERROR: RETURNING not permitted with SELECT row-security policy
FWIW, that doesn't sound acceptable to me. Greetings, Andres Freund -- Andres Freund http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
