PostgreSQL Source Code  git master
rls.h
Go to the documentation of this file.
1 /*-------------------------------------------------------------------------
2  *
3  * rls.h
4  * Header file for Row Level Security (RLS) utility commands to be used
5  * with the rowsecurity feature.
6  *
7  * Copyright (c) 2007-2024, PostgreSQL Global Development Group
8  *
9  * src/include/utils/rls.h
10  *
11  *-------------------------------------------------------------------------
12  */
13 #ifndef RLS_H
14 #define RLS_H
15 
16 /* GUC variable */
17 extern PGDLLIMPORT bool row_security;
18 
19 /*
20  * Used by callers of check_enable_rls.
21  *
22  * RLS could be completely disabled on the tables involved in the query,
23  * which is the simple case, or it may depend on the current environment
24  * (the role which is running the query or the value of the row_security
25  * GUC), or it might be simply enabled as usual.
26  *
27  * If RLS isn't on the table involved then RLS_NONE is returned to indicate
28  * that we don't need to worry about invalidating the query plan for RLS
29  * reasons. If RLS is on the table, but we are bypassing it for now, then
30  * we return RLS_NONE_ENV to indicate that, if the environment changes,
31  * we need to invalidate and replan. Finally, if RLS should be turned on
32  * for the query, then we return RLS_ENABLED, which means we also need to
33  * invalidate if the environment changes.
34  *
35  * Note that RLS_ENABLED will also be returned if noError is true
36  * (indicating that the caller simply want to know if RLS should be applied
37  * for this user but doesn't want an error thrown if it is; this is used
38  * by other error cases where we're just trying to decide if data from the
39  * table should be passed back to the user or not).
40  */
42 {
46 };
47 
48 extern int check_enable_rls(Oid relid, Oid checkAsUser, bool noError);
49 
50 #endif /* RLS_H */
#define PGDLLIMPORT
Definition: c.h:1319
unsigned int Oid
Definition: postgres_ext.h:31
int check_enable_rls(Oid relid, Oid checkAsUser, bool noError)
Definition: rls.c:52
PGDLLIMPORT bool row_security
Definition: guc_tables.c:510
CheckEnableRlsResult
Definition: rls.h:42
@ RLS_NONE
Definition: rls.h:43
@ RLS_NONE_ENV
Definition: rls.h:44
@ RLS_ENABLED
Definition: rls.h:45