RLS and Table Inheritance

public inbox for [email protected]  
help / color / mirror / Atom feed

RLS and Table Inheritance
2+ messages / 2 participants
[nested] [flat]

* RLS and Table Inheritance
@ 2024-09-12 13:19  Sanjay Minni <[email protected]>
  0 siblings, 1 reply; 2+ messages in thread

From: Sanjay Minni @ 2024-09-12 13:19 UTC (permalink / raw)
  To: pgsql-generallists.postgresql.org <[email protected]>

Hi,

Do RLS policies defined at the parent, work on the child (in Table
inheritance).
At the parent I have a column 'site_id' with an RLS policy that only rows
with site_id = current_setting(curr_site_id) would be accessible.
However the policy defined at the parent does not work for me in inherited
tables. Is it intended that way ?
Is there a solution to reflect the RLS policy along the line of
inheritance, else i have to redefine the RLS policy at each inherited table
(a significant maintenance effort).

In another post I see conflicting views on this
https://www.postgresql.org/message-id/[email protected]
.
While the original post seemed to get a prototype working,  the response
says that RLS policy will not be inherited and needs to be reimplemented at
each table.

thanks
Sanjay

^ permalink  raw  reply  [nested|flat] 2+ messages in thread

* Re: RLS and Table Inheritance
@ 2024-09-12 14:19  Tom Lane <[email protected]>
  parent: Sanjay Minni <[email protected]>
  0 siblings, 0 replies; 2+ messages in thread

From: Tom Lane @ 2024-09-12 14:19 UTC (permalink / raw)
  To: Sanjay Minni <[email protected]>; +Cc: pgsql-generallists.postgresql.org <[email protected]>

Sanjay Minni <[email protected]> writes:
> Do RLS policies defined at the parent, work on the child (in Table
> inheritance).
> At the parent I have a column 'site_id' with an RLS policy that only rows
> with site_id = current_setting(curr_site_id) would be accessible.
> However the policy defined at the parent does not work for me in inherited
> tables. Is it intended that way ?

If you mean when accessing the child tables directly, yes.

			regards, tom lane






^ permalink  raw  reply  [nested|flat] 2+ messages in thread

end of thread, other threads:[~2024-09-12 14:19 UTC | newest]

Thread overview: 2+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2024-09-12 13:19 RLS and Table Inheritance Sanjay Minni <[email protected]>
2024-09-12 14:19 ` Tom Lane <[email protected]>

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox