64 List **permissive_policies,
65 List **restrictive_policies);
72 List *permissive_policies,
73 List *restrictive_policies,
80 List *permissive_policies,
81 List *restrictive_policies,
82 List **withCheckOptions,
110 List **securityQuals,
List **withCheckOptions,
111 bool *hasRowSecurity,
bool *hasSubLinks)
117 List *permissive_policies;
118 List *restrictive_policies;
122 *securityQuals =
NIL;
123 *withCheckOptions =
NIL;
124 *hasRowSecurity =
false;
125 *hasSubLinks =
false;
130 if (rte->
relkind != RELKIND_RELATION &&
131 rte->
relkind != RELKIND_PARTITIONED_TABLE)
159 *hasRowSecurity =
true;
175 commandType = rt_index == root->resultRelation ?
208 List *update_permissive_policies;
209 List *update_restrictive_policies;
212 &update_permissive_policies,
213 &update_restrictive_policies);
216 update_permissive_policies,
217 update_restrictive_policies,
230 &restrictive_policies);
237 restrictive_policies,
255 List *select_permissive_policies;
256 List *select_restrictive_policies;
259 &select_permissive_policies,
260 &select_restrictive_policies);
263 select_permissive_policies,
264 select_restrictive_policies,
278 Assert(rt_index == root->resultRelation);
284 restrictive_policies,
298 List *select_permissive_policies =
NIL;
299 List *select_restrictive_policies =
NIL;
302 &select_permissive_policies,
303 &select_restrictive_policies);
307 select_permissive_policies,
308 select_restrictive_policies,
321 List *conflict_permissive_policies;
322 List *conflict_restrictive_policies;
323 List *conflict_select_permissive_policies =
NIL;
324 List *conflict_select_restrictive_policies =
NIL;
328 &conflict_permissive_policies,
329 &conflict_restrictive_policies);
339 conflict_permissive_policies,
340 conflict_restrictive_policies,
355 &conflict_select_permissive_policies,
356 &conflict_select_restrictive_policies);
359 conflict_select_permissive_policies,
360 conflict_select_restrictive_policies,
369 conflict_permissive_policies,
370 conflict_restrictive_policies,
384 conflict_select_permissive_policies,
385 conflict_select_restrictive_policies,
413 List *merge_permissive_policies;
414 List *merge_restrictive_policies;
421 &merge_permissive_policies,
422 &merge_restrictive_policies);
430 merge_permissive_policies,
431 merge_restrictive_policies,
440 &merge_permissive_policies,
441 &merge_restrictive_policies);
445 merge_permissive_policies,
446 merge_restrictive_policies,
457 &merge_permissive_policies,
458 &merge_restrictive_policies);
462 merge_permissive_policies,
463 merge_restrictive_policies,
471 merge_permissive_policies,
472 merge_restrictive_policies,
491 *hasRowSecurity =
true;
504 List **permissive_policies,
505 List **restrictive_policies)
509 *permissive_policies =
NIL;
510 *restrictive_policies =
NIL;
515 bool cmd_matches =
false;
519 if (policy->
polcmd ==
'*')
551 elog(
ERROR,
"unrecognized policy command type %d",
564 *permissive_policies =
lappend(*permissive_policies, policy);
566 *restrictive_policies =
lappend(*restrictive_policies, policy);
583 List *hook_policies =
584 (*row_security_policy_hook_restrictive) (cmd, relation);
594 foreach(item, hook_policies)
599 *restrictive_policies =
lappend(*restrictive_policies, policy);
605 List *hook_policies =
606 (*row_security_policy_hook_permissive) (cmd, relation);
608 foreach(item, hook_policies)
613 *permissive_policies =
lappend(*permissive_policies, policy);
663 List *permissive_policies,
664 List *restrictive_policies,
665 List **securityQuals,
676 foreach(item, permissive_policies)
680 if (policy->
qual != NULL)
682 permissive_quals =
lappend(permissive_quals,
694 if (permissive_quals !=
NIL)
702 foreach(item, restrictive_policies)
707 if (policy->
qual != NULL)
736 *securityQuals =
lappend(*securityQuals,
761 List *permissive_policies,
762 List *restrictive_policies,
763 List **withCheckOptions,
770 #define QUAL_FOR_WCO(policy) \
772 (policy)->with_check_qual != NULL ? \
773 (policy)->with_check_qual : (policy)->qual )
779 foreach(item, permissive_policies)
798 if (permissive_quals !=
NIL)
830 foreach(item, restrictive_policies)
869 *withCheckOptions =
lappend(*withCheckOptions, wco);
bool has_privs_of_role(Oid member, Oid role)
#define OidIsValid(objectId)
elog(ERROR, "%s: %s", p2, msg)
Assert(fmt[strlen(fmt) - 1] !='\n')
void list_sort(List *list, list_sort_comparator cmp)
List * lappend(List *list, void *datum)
List * list_append_unique(List *list, void *datum)
Const * makeConst(Oid consttype, int32 consttypmod, Oid constcollid, int constlen, Datum constvalue, bool constisnull, bool constbyval)
Expr * makeBoolExpr(BoolExprType boolop, List *args, int location)
char * pstrdup(const char *in)
RTEPermissionInfo * getRTEPermissionInfo(List *rteperminfos, RangeTblEntry *rte)
@ WCO_RLS_MERGE_UPDATE_CHECK
@ WCO_RLS_MERGE_DELETE_CHECK
static int list_length(const List *l)
static Datum BoolGetDatum(bool X)
#define RelationGetRelationName(relation)
void setRuleCheckAsUser(Node *node, Oid userid)
void ChangeVarNodes(Node *node, int rt_index, int new_index, int sublevels_up)
int check_enable_rls(Oid relid, Oid checkAsUser, bool noError)
row_security_policy_hook_type row_security_policy_hook_permissive
void get_row_security_policies(Query *root, RangeTblEntry *rte, int rt_index, List **securityQuals, List **withCheckOptions, bool *hasRowSecurity, bool *hasSubLinks)
static bool check_role_for_policy(ArrayType *policy_roles, Oid user_id)
row_security_policy_hook_type row_security_policy_hook_restrictive
#define QUAL_FOR_WCO(policy)
static void sort_policies_by_name(List *policies)
static void add_with_check_options(Relation rel, int rt_index, WCOKind kind, List *permissive_policies, List *restrictive_policies, List **withCheckOptions, bool *hasSubLinks, bool force_using)
static void get_policies_for_relation(Relation relation, CmdType cmd, Oid user_id, List **permissive_policies, List **restrictive_policies)
static int row_security_policy_cmp(const ListCell *a, const ListCell *b)
static void add_security_quals(int rt_index, List *permissive_policies, List *restrictive_policies, List **securityQuals, bool *hasSubLinks)
List *(* row_security_policy_hook_type)(CmdType cmdtype, Relation relation)
OnConflictExpr * onConflict
struct RowSecurityDesc * rd_rsdesc
void table_close(Relation relation, LOCKMODE lockmode)
Relation table_open(Oid relationId, LOCKMODE lockmode)