summaryrefslogtreecommitdiffstats
path: root/src/include/rewrite/rowsecurity.h
blob: d20843572347644895584a244c3c406e975c0132 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
/* -------------------------------------------------------------------------
 *
 * rowsecurity.h
 *
 *	  prototypes for rewrite/rowsecurity.c and the structures for managing
 *	  the row security policies for relations in relcache.
 *
 * Portions Copyright (c) 1996-2023, PostgreSQL Global Development Group
 * Portions Copyright (c) 1994, Regents of the University of California
 *
 * -------------------------------------------------------------------------
 */
#ifndef ROWSECURITY_H
#define ROWSECURITY_H

#include "nodes/parsenodes.h"
#include "utils/array.h"
#include "utils/relcache.h"

typedef struct RowSecurityPolicy
{
	char	   *policy_name;	/* Name of the policy */
	char		polcmd;			/* Type of command policy is for */
	ArrayType  *roles;			/* Array of roles policy is for */
	bool		permissive;		/* restrictive or permissive policy */
	Expr	   *qual;			/* Expression to filter rows */
	Expr	   *with_check_qual;	/* Expression to limit rows allowed */
	bool		hassublinks;	/* If either expression has sublinks */
} RowSecurityPolicy;

typedef struct RowSecurityDesc
{
	MemoryContext rscxt;		/* row security memory context */
	List	   *policies;		/* list of row security policies */
} RowSecurityDesc;

typedef List *(*row_security_policy_hook_type) (CmdType cmdtype,
												Relation relation);

extern PGDLLIMPORT row_security_policy_hook_type row_security_policy_hook_permissive;

extern PGDLLIMPORT row_security_policy_hook_type row_security_policy_hook_restrictive;

extern void get_row_security_policies(Query *root,
									  RangeTblEntry *rte, int rt_index,
									  List **securityQuals, List **withCheckOptions,
									  bool *hasRowSecurity, bool *hasSubLinks);

#endif							/* ROWSECURITY_H */