summaryrefslogtreecommitdiffstats
path: root/doc/src/sgml/html/catalog-pg-policy.html
blob: 1d819e59e7a853a861479260c45f085dc05d5163 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>53.38. pg_policy</title><link rel="stylesheet" type="text/css" href="stylesheet.css" /><link rev="made" href="pgsql-docs@lists.postgresql.org" /><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot" /><link rel="prev" href="catalog-pg-partitioned-table.html" title="53.37. pg_partitioned_table" /><link rel="next" href="catalog-pg-proc.html" title="53.39. pg_proc" /></head><body id="docContent" class="container-fluid col-10"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="5" align="center">53.38. <code class="structname">pg_policy</code></th></tr><tr><td width="10%" align="left"><a accesskey="p" href="catalog-pg-partitioned-table.html" title="53.37. pg_partitioned_table">Prev</a> </td><td width="10%" align="left"><a accesskey="u" href="catalogs.html" title="Chapter 53. System Catalogs">Up</a></td><th width="60%" align="center">Chapter 53. System Catalogs</th><td width="10%" align="right"><a accesskey="h" href="index.html" title="PostgreSQL 15.4 Documentation">Home</a></td><td width="10%" align="right"> <a accesskey="n" href="catalog-pg-proc.html" title="53.39. pg_proc">Next</a></td></tr></table><hr /></div><div class="sect1" id="CATALOG-PG-POLICY"><div class="titlepage"><div><div><h2 class="title" style="clear: both">53.38. <code class="structname">pg_policy</code></h2></div></div></div><a id="id-1.10.4.40.2" class="indexterm"></a><p>
   The catalog <code class="structname">pg_policy</code> stores row-level
   security policies for tables.  A policy includes the kind of
   command that it applies to (possibly all commands), the roles that it
   applies to, the expression to be added as a security-barrier
   qualification to queries that include the table, and the expression
   to be added as a <code class="literal">WITH CHECK</code> option for queries that attempt to
   add new records to the table.
  </p><div class="table" id="id-1.10.4.40.4"><p class="title"><strong>Table 53.38. <code class="structname">pg_policy</code> Columns</strong></p><div class="table-contents"><table class="table" summary="pg_policy Columns" border="1"><colgroup><col /></colgroup><thead><tr><th class="catalog_table_entry"><p class="column_definition">
       Column Type
      </p>
      <p>
       Description
      </p></th></tr></thead><tbody><tr><td class="catalog_table_entry"><p class="column_definition">
       <code class="structfield">oid</code> <code class="type">oid</code>
      </p>
      <p>
       Row identifier
      </p></td></tr><tr><td class="catalog_table_entry"><p class="column_definition">
       <code class="structfield">polname</code> <code class="type">name</code>
      </p>
      <p>
       The name of the policy
      </p></td></tr><tr><td class="catalog_table_entry"><p class="column_definition">
       <code class="structfield">polrelid</code> <code class="type">oid</code>
       (references <a class="link" href="catalog-pg-class.html" title="53.11. pg_class"><code class="structname">pg_class</code></a>.<code class="structfield">oid</code>)
      </p>
      <p>
       The table to which the policy applies
      </p></td></tr><tr><td class="catalog_table_entry"><p class="column_definition">
       <code class="structfield">polcmd</code> <code class="type">char</code>
      </p>
      <p>
       The command type to which the policy is applied:
       <code class="literal">r</code> for <a class="xref" href="sql-select.html" title="SELECT"><span class="refentrytitle">SELECT</span></a>,
       <code class="literal">a</code> for <a class="xref" href="sql-insert.html" title="INSERT"><span class="refentrytitle">INSERT</span></a>,
       <code class="literal">w</code> for <a class="xref" href="sql-update.html" title="UPDATE"><span class="refentrytitle">UPDATE</span></a>,
       <code class="literal">d</code> for <a class="xref" href="sql-delete.html" title="DELETE"><span class="refentrytitle">DELETE</span></a>,
       or <code class="literal">*</code> for all
      </p></td></tr><tr><td class="catalog_table_entry"><p class="column_definition">
       <code class="structfield">polpermissive</code> <code class="type">bool</code>
      </p>
      <p>
       Is the policy permissive or restrictive?
      </p></td></tr><tr><td class="catalog_table_entry"><p class="column_definition">
       <code class="structfield">polroles</code> <code class="type">oid[]</code>
       (references <a class="link" href="catalog-pg-authid.html" title="53.8. pg_authid"><code class="structname">pg_authid</code></a>.<code class="structfield">oid</code>)
      </p>
      <p>
       The roles to which the policy is applied;
       zero means <code class="literal">PUBLIC</code>
       (and normally appears alone in the array)
      </p></td></tr><tr><td class="catalog_table_entry"><p class="column_definition">
       <code class="structfield">polqual</code> <code class="type">pg_node_tree</code>
      </p>
      <p>
       The expression tree to be added to the security barrier qualifications for queries that use the table
      </p></td></tr><tr><td class="catalog_table_entry"><p class="column_definition">
       <code class="structfield">polwithcheck</code> <code class="type">pg_node_tree</code>
      </p>
      <p>
       The expression tree to be added to the WITH CHECK qualifications for queries that attempt to add rows to the table
      </p></td></tr></tbody></table></div></div><br class="table-break" /><div class="note"><h3 class="title">Note</h3><p>
    Policies stored in <code class="structname">pg_policy</code> are applied only when
    <a class="link" href="catalog-pg-class.html" title="53.11. pg_class"><code class="structname">pg_class</code></a>.<code class="structfield">relrowsecurity</code> is set for
    their table.
   </p></div></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="catalog-pg-partitioned-table.html" title="53.37. pg_partitioned_table">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="catalogs.html" title="Chapter 53. System Catalogs">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="catalog-pg-proc.html" title="53.39. pg_proc">Next</a></td></tr><tr><td width="40%" align="left" valign="top">53.37. <code class="structname">pg_partitioned_table</code> </td><td width="20%" align="center"><a accesskey="h" href="index.html" title="PostgreSQL 15.4 Documentation">Home</a></td><td width="40%" align="right" valign="top"> 53.39. <code class="structname">pg_proc</code></td></tr></table></div></body></html>