* Dean Rasheed (dean.a.rash...@gmail.com) wrote:
> On 28 September 2015 at 20:15, Stephen Frost wrote:
> > I listed out the various alternatives but didn't end up getting any
> > responses to it. I'm still of the opinion that the documentation is the
> > main thing which needs improving here, but
> My vote would be to keep it as-is.
Same for me.
> It feels perfectly natural to me. USING clauses add to the query's
> WHERE clause controlling which existing rows you can SELECT, UPDATE or
> DELETE. WITH CHECK clauses control what new data you can add via
> INSERT or UPDATE. UPDATE allows both
On 28 September 2015 at 20:15, Stephen Frost wrote:
> I listed out the various alternatives but didn't end up getting any
> responses to it. I'm still of the opinion that the documentation is the
> main thing which needs improving here, but we can also change CREATE
> POLICY, et al, to require an
Charles Clavadetscher
>
> Subject: Re: [HACKERS] unclear about row-level security USING vs. CHECK
>
> On Mon, Sep 28, 2015 at 3:15 PM, Stephen Frost wrote:
> > I listed out the various alternatives but didn't end up getting any
> > responses to it. I'm still of t
cher
>
> Subject: Re: [HACKERS] unclear about row-level security USING vs. CHECK
>
> * Peter Eisentraut (pete...@gmx.net) wrote:
> > I see. But it is a bit odd to hide this very fundamental behavior
> > somewhere in a paragraph that starts out with something about roles.
&g
On Mon, Sep 28, 2015 at 3:15 PM, Stephen Frost wrote:
> I listed out the various alternatives but didn't end up getting any
> responses to it. I'm still of the opinion that the documentation is the
> main thing which needs improving here, but we can also change CREATE
> POLICY, et al, to require
* Peter Eisentraut (pete...@gmx.net) wrote:
> I see. But it is a bit odd to hide this very fundamental behavior
> somewhere in a paragraph that starts out with something about roles.
I'm happy to change that. You're right, it should be a paragraph by
itself.
> There is also a mistake, I believe
On Sat, Sep 26, 2015 at 9:46 PM, Peter Eisentraut wrote:
> On 9/23/15 3:41 PM, Stephen Frost wrote:
> I see. But it is a bit odd to hide this very fundamental behavior
> somewhere in a paragraph that starts out with something about roles.
>
> There is also a mistake, I believe: DELETE policies al
On 9/23/15 3:41 PM, Stephen Frost wrote:
> The CREATE POLICY documentation discusses how lack of a WITH CHECK
> policy means the USING expression is used:
>
> """
> Policies can be applied for specific commands or for specific roles. The
> default for newly created policies is that they apply for
Peter,
* Peter Eisentraut (pete...@gmx.net) wrote:
> I'm testing the new row-level security feature. I'm not clear on the
> difference between the USING and CHECK clauses in the CREATE POLICY
> statement.
>
> The documentation says:
>
> """
> A policy grants the ability to SELECT, INSERT, UPDAT
On 9/23/15 2:52 PM, Stephen Frost wrote:
>> That might be reasonable, but the documentation is completely wrong
>> about that.
>
> Really? I feel pretty confident that it's at least mentioned. I
> agree that it should be made more clear.
I quoted the documentation at the beginning of the thread
* Alvaro Herrera (alvhe...@2ndquadrant.com) wrote:
> Robert Haas wrote:
> > On Wed, Sep 23, 2015 at 2:39 PM, Stephen Frost wrote:
> > > * Robert Haas (robertmh...@gmail.com) wrote:
> > >> On Wed, Sep 23, 2015 at 12:01 PM, Stephen Frost
> > >> wrote:
> > >> > * Robert Haas (robertmh...@gmail.com)
Robert Haas wrote:
> On Wed, Sep 23, 2015 at 2:39 PM, Stephen Frost wrote:
> > * Robert Haas (robertmh...@gmail.com) wrote:
> >> On Wed, Sep 23, 2015 at 12:01 PM, Stephen Frost wrote:
> >> > * Robert Haas (robertmh...@gmail.com) wrote:
> >> >> My expectation would have been:
> >> >>
> >> >> If yo
* Peter Eisentraut (pete...@gmx.net) wrote:
> On 9/23/15 11:05 AM, Stephen Frost wrote:
> > That the USING policy is used if WITH CHECK isn't defined? That was
> > simply done to make policy management simple as in quite a few cases
> > only one policy is needed. If a WITH CHECK was always requir
On Wed, Sep 23, 2015 at 2:39 PM, Stephen Frost wrote:
> * Robert Haas (robertmh...@gmail.com) wrote:
>> On Wed, Sep 23, 2015 at 12:01 PM, Stephen Frost wrote:
>> > * Robert Haas (robertmh...@gmail.com) wrote:
>> >> My expectation would have been:
>> >>
>> >> If you specify USING, you can see only
* Robert Haas (robertmh...@gmail.com) wrote:
> On Wed, Sep 23, 2015 at 12:01 PM, Stephen Frost wrote:
> > * Robert Haas (robertmh...@gmail.com) wrote:
> >> My expectation would have been:
> >>
> >> If you specify USING, you can see only those rows, but you can give
> >> rows away freely. If you d
On 9/23/15 11:05 AM, Stephen Frost wrote:
> That the USING policy is used if WITH CHECK isn't defined? That was
> simply done to make policy management simple as in quite a few cases
> only one policy is needed. If a WITH CHECK was always required then
> you'd be constantly writing:
>
> CREATE P
On Wed, Sep 23, 2015 at 12:01 PM, Stephen Frost wrote:
> * Robert Haas (robertmh...@gmail.com) wrote:
>> On Wed, Sep 23, 2015 at 11:24 AM, Stephen Frost wrote:
>> > I'm working on a documentation patch with Adam to improve the docs
>> > around this (and other parts as well). I agree it doesn't c
* Robert Haas (robertmh...@gmail.com) wrote:
> On Wed, Sep 23, 2015 at 11:24 AM, Stephen Frost wrote:
> > I'm working on a documentation patch with Adam to improve the docs
> > around this (and other parts as well). I agree it doesn't come off as
> > naturally intuitive to everyone (it did to me,
On Wed, Sep 23, 2015 at 11:24 AM, Stephen Frost wrote:
> I'm working on a documentation patch with Adam to improve the docs
> around this (and other parts as well). I agree it doesn't come off as
> naturally intuitive to everyone (it did to me, but I'm clearly biased
> as, I think anyway, it was
* Robert Haas (robertmh...@gmail.com) wrote:
> On Wed, Sep 23, 2015 at 11:05 AM, Stephen Frost wrote:
> >> Gosh, I think it would have been better to have a cleaner separation
> >> of USING and WITH CHECK. That sounds far too unnecessarily magical.
> >
> > That the USING policy is used if WITH CH
* Robert Haas (robertmh...@gmail.com) wrote:
> On Tue, Sep 22, 2015 at 10:36 PM, Charles Clavadetscher
> wrote:
> > Since the policy is defined for ALL commands and no WITH CHECK is specified
> > then the same condition defined in USING takes effect for all commands,
> > i.e. including INSERT.
>
On Wed, Sep 23, 2015 at 11:05 AM, Stephen Frost wrote:
>> Gosh, I think it would have been better to have a cleaner separation
>> of USING and WITH CHECK. That sounds far too unnecessarily magical.
>
> That the USING policy is used if WITH CHECK isn't defined? That was
> simply done to make poli
On Tue, Sep 22, 2015 at 10:36 PM, Charles Clavadetscher
wrote:
> Since the policy is defined for ALL commands and no WITH CHECK is specified
> then the same condition defined in USING takes effect for all commands, i.e.
> including INSERT.
>
> From the docs
> (http://www.postgresql.org/docs/9.5
Hello Peter
> I'm testing the new row-level security feature. I'm not clear on the
> difference between the USING and CHECK clauses in the CREATE POLICY
> statement.
>
> The documentation says:
>
> """
> A policy grants the ability to SELECT, INSERT, UPDATE, or DELETE rows
> which match the rel
I'm testing the new row-level security feature. I'm not clear on the
difference between the USING and CHECK clauses in the CREATE POLICY
statement.
The documentation says:
"""
A policy grants the ability to SELECT, INSERT, UPDATE, or DELETE rows
which match the relevant policy expression. Existi
26 matches
Mail list logo