101{
103 int rls_status;
106 List *permissive_policies;
107 List *restrictive_policies;
109
110
111 *securityQuals =
NIL;
112 *withCheckOptions =
NIL;
113 *hasRowSecurity = false;
114 *hasSubLinks = false;
115
117
118
119 if (rte->relkind != RELKIND_RELATION &&
120 rte->relkind != RELKIND_PARTITIONED_TABLE)
121 return;
122
124
125
128
129
131
132
134 return;
135
136
137
138
139
140
142 {
143
144
145
146
147
148 *hasRowSecurity = true;
149
150 return;
151 }
152
153
154
155
156
157
158
159
160
161
163
164 commandType = rt_index ==
root->resultRelation ?
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
196 {
197 List *update_permissive_policies;
198 List *update_restrictive_policies;
199
201 &update_permissive_policies,
202 &update_restrictive_policies);
203
205 update_permissive_policies,
206 update_restrictive_policies,
207 securityQuals,
208 hasSubLinks);
209 }
210
211
212
213
214
215
216
217
219 &restrictive_policies);
220
225 permissive_policies,
226 restrictive_policies,
227 securityQuals,
228 hasSubLinks);
229
230
231
232
233
234
235
236
237
238
239
243 {
244 List *select_permissive_policies;
245 List *select_restrictive_policies;
246
248 &select_permissive_policies,
249 &select_restrictive_policies);
250
252 select_permissive_policies,
253 select_restrictive_policies,
254 securityQuals,
255 hasSubLinks);
256 }
257
258
259
260
261
262
263
265 {
266
268
272 permissive_policies,
273 restrictive_policies,
274 withCheckOptions,
275 hasSubLinks,
276 false);
277
278
279
280
281
282
283
284
286 {
287 List *select_permissive_policies =
NIL;
288 List *select_restrictive_policies =
NIL;
289
291 &select_permissive_policies,
292 &select_restrictive_policies);
296 select_permissive_policies,
297 select_restrictive_policies,
298 withCheckOptions,
299 hasSubLinks,
300 true);
301 }
302
303
304
305
306
309 {
310 List *conflict_permissive_policies;
311 List *conflict_restrictive_policies;
312 List *conflict_select_permissive_policies =
NIL;
313 List *conflict_select_restrictive_policies =
NIL;
314
315
317 &conflict_permissive_policies,
318 &conflict_restrictive_policies);
319
320
321
322
323
324
325
328 conflict_permissive_policies,
329 conflict_restrictive_policies,
330 withCheckOptions,
331 hasSubLinks,
332 true);
333
334
335
336
337
338
339
340
342 {
344 &conflict_select_permissive_policies,
345 &conflict_select_restrictive_policies);
348 conflict_select_permissive_policies,
349 conflict_select_restrictive_policies,
350 withCheckOptions,
351 hasSubLinks,
352 true);
353 }
354
355
358 conflict_permissive_policies,
359 conflict_restrictive_policies,
360 withCheckOptions,
361 hasSubLinks,
362 false);
363
364
365
366
367
368
369
373 conflict_select_permissive_policies,
374 conflict_select_restrictive_policies,
375 withCheckOptions,
376 hasSubLinks,
377 true);
378 }
379 }
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
405 {
406 List *merge_update_permissive_policies;
407 List *merge_update_restrictive_policies;
408 List *merge_delete_permissive_policies;
409 List *merge_delete_restrictive_policies;
410 List *merge_insert_permissive_policies;
411 List *merge_insert_restrictive_policies;
412 List *merge_select_permissive_policies =
NIL;
413 List *merge_select_restrictive_policies =
NIL;
414
415
416
417
418
420 &merge_update_permissive_policies,
421 &merge_update_restrictive_policies);
422
423
424
425
426
429 merge_update_permissive_policies,
430 merge_update_restrictive_policies,
431 withCheckOptions,
432 hasSubLinks,
433 true);
434
435
438 merge_update_permissive_policies,
439 merge_update_restrictive_policies,
440 withCheckOptions,
441 hasSubLinks,
442 false);
443
444
445
446
447
448
450 {
452 &merge_select_permissive_policies,
453 &merge_select_restrictive_policies);
456 merge_select_permissive_policies,
457 merge_select_restrictive_policies,
458 withCheckOptions,
459 hasSubLinks,
460 true);
461 }
462
463
464
465
466
468 &merge_delete_permissive_policies,
469 &merge_delete_restrictive_policies);
470
471
472
473
474
477 merge_delete_permissive_policies,
478 merge_delete_restrictive_policies,
479 withCheckOptions,
480 hasSubLinks,
481 true);
482
483
484
485
486
487
489 &merge_insert_permissive_policies,
490 &merge_insert_restrictive_policies);
491
494 merge_insert_permissive_policies,
495 merge_insert_restrictive_policies,
496 withCheckOptions,
497 hasSubLinks,
498 false);
499
500
501
502
503
504
505
509 merge_select_permissive_policies,
510 merge_select_restrictive_policies,
511 withCheckOptions,
512 hasSubLinks,
513 true);
514 }
515
517
518
519
520
521
524
525
526
527
528
529 *hasRowSecurity = true;
530}
#define Assert(condition)
#define OidIsValid(objectId)
RTEPermissionInfo * getRTEPermissionInfo(List *rteperminfos, RangeTblEntry *rte)
@ WCO_RLS_MERGE_UPDATE_CHECK
@ WCO_RLS_MERGE_DELETE_CHECK
void setRuleCheckAsUser(Node *node, Oid userid)
int check_enable_rls(Oid relid, Oid checkAsUser, bool noError)
static void add_with_check_options(Relation rel, int rt_index, WCOKind kind, List *permissive_policies, List *restrictive_policies, List **withCheckOptions, bool *hasSubLinks, bool force_using)
static void get_policies_for_relation(Relation relation, CmdType cmd, Oid user_id, List **permissive_policies, List **restrictive_policies)
static void add_security_quals(int rt_index, List *permissive_policies, List *restrictive_policies, List **securityQuals, bool *hasSubLinks)
void table_close(Relation relation, LOCKMODE lockmode)
Relation table_open(Oid relationId, LOCKMODE lockmode)