From c7cf9a243336d5f48bb4a4297c9fba4210f3e981 Mon Sep 17 00:00:00 2001 From: Stephen Frost Date: Wed, 28 Jan 2015 21:47:15 -0500 Subject: [PATCH] Add usebypassrls to pg_user and pg_shadow The row level security patches didn't add the 'usebypassrls' columns to the pg_user and pg_shadow views on the belief that they were deprecated, but we havn't actually said they are and therefore we should include it. This patch corrects that, adds missing documentation for rolbypassrls into the system catalog page for pg_authid, along with the entries for pg_user and pg_shadow, and cleans up a few other uses of 'row-level' cases to be 'row level' in the docs. Pointed out by Amit Kapila. Catalog version bump due to system view changes. --- doc/src/sgml/catalogs.sgml | 33 ++++++++++++++++++++++++++-- src/backend/catalog/system_views.sql | 2 ++ src/include/catalog/catversion.h | 2 +- src/test/regress/expected/rules.out | 2 ++ 4 files changed, 36 insertions(+), 3 deletions(-) diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml index 62305d2bb3..49891a4a7b 100644 --- a/doc/src/sgml/catalogs.sgml +++ b/doc/src/sgml/catalogs.sgml @@ -1444,6 +1444,15 @@ + + rolbypassrls + bool + + Role can bypass row level security policies, see + for more information. + + + rolconnlimit int4 @@ -1951,7 +1960,7 @@ bool - True if table has row-level security enabled; see + True if table has row level security enabled; see pg_policy catalog @@ -4719,7 +4728,7 @@ - The catalog pg_policy stores row-level + The catalog pg_policy stores row level security policies for tables. A policy includes the kind of command that it applies to (possibly all commands), the roles that it applies to, the expression to be added as a security-barrier @@ -9030,6 +9039,16 @@ SELECT * FROM pg_locks pl LEFT JOIN pg_prepared_xacts ppx + + usebypassrls + bool + + + User can bypass row level security policies, see + for more information. + + + passwd text @@ -9505,6 +9524,16 @@ SELECT * FROM pg_locks pl LEFT JOIN pg_prepared_xacts ppx + + usebypassrls + bool + + + User can bypass row level security policies, see + for more information. + + + passwd text diff --git a/src/backend/catalog/system_views.sql b/src/backend/catalog/system_views.sql index 6df6bf27d1..5e69e2b2ad 100644 --- a/src/backend/catalog/system_views.sql +++ b/src/backend/catalog/system_views.sql @@ -33,6 +33,7 @@ CREATE VIEW pg_shadow AS rolsuper AS usesuper, rolcatupdate AS usecatupd, rolreplication AS userepl, + rolbypassrls AS usebypassrls, rolpassword AS passwd, rolvaliduntil::abstime AS valuntil, setconfig AS useconfig @@ -58,6 +59,7 @@ CREATE VIEW pg_user AS usesuper, usecatupd, userepl, + usebypassrls, '********'::text as passwd, valuntil, useconfig diff --git a/src/include/catalog/catversion.h b/src/include/catalog/catversion.h index 13c4376b8c..2b7a0bb93b 100644 --- a/src/include/catalog/catversion.h +++ b/src/include/catalog/catversion.h @@ -53,6 +53,6 @@ */ /* yyyymmddN */ -#define CATALOG_VERSION_NO 201501241 +#define CATALOG_VERSION_NO 201501281 #endif diff --git a/src/test/regress/expected/rules.out b/src/test/regress/expected/rules.out index 7df5d2dce9..d50b103f15 100644 --- a/src/test/regress/expected/rules.out +++ b/src/test/regress/expected/rules.out @@ -1609,6 +1609,7 @@ pg_shadow| SELECT pg_authid.rolname AS usename, pg_authid.rolsuper AS usesuper, pg_authid.rolcatupdate AS usecatupd, pg_authid.rolreplication AS userepl, + pg_authid.rolbypassrls AS usebypassrls, pg_authid.rolpassword AS passwd, (pg_authid.rolvaliduntil)::abstime AS valuntil, s.setconfig AS useconfig @@ -2063,6 +2064,7 @@ pg_user| SELECT pg_shadow.usename, pg_shadow.usesuper, pg_shadow.usecatupd, pg_shadow.userepl, + pg_shadow.usebypassrls, '********'::text AS passwd, pg_shadow.valuntil, pg_shadow.useconfig