database/postgres
database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-05-05 09:19:17 +03:00
Code

Apply SELECT policies in INSERT/UPDATE+RETURNING

Browse Source 
Similar to 7d8db3e, given that INSERT+RETURNING requires SELECT rights
on the table, apply the SELECT policies as WCOs to the tuples being
inserted.  Apply the same logic to UPDATE+RETURNING.

Back-patch to 9.5 where RLS was added.
This commit is contained in:
Stephen Frost 2015-10-05 07:55:11 -04:00
parent 31fb4df69d
commit bd90147680
1 changed files with 29 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
src/backend/rewrite/rowsecurity.c
View File

@ -271,6 +271,30 @@ get_row_security_policies(Query *root, RangeTblEntry *rte, int rt_index,
withCheckOptions, withCheckOptions,
hasSubLinks); hasSubLinks);
/*
* Get and add ALL/SELECT policies, if SELECT rights are required
* for this relation (eg: when RETURNING is used). These are added as
* WCO policies rather than security quals to ensure that an error is
* raised if a policy is violated; otherwise, we might end up silently
* dropping rows to be added.
*/
if (rte->requiredPerms & ACL_SELECT)
{
List *select_permissive_policies = NIL;
List *select_restrictive_policies = NIL;
get_policies_for_relation(rel, CMD_SELECT, user_id,
&select_permissive_policies,
&select_restrictive_policies);
add_with_check_options(rel, rt_index,
commandType == CMD_INSERT ?
WCO_RLS_INSERT_CHECK : WCO_RLS_UPDATE_CHECK,
select_permissive_policies,
select_restrictive_policies,
withCheckOptions,
hasSubLinks);
}
/* /*
* For INSERT ... ON CONFLICT DO UPDATE we need additional policy * For INSERT ... ON CONFLICT DO UPDATE we need additional policy
* checks for the UPDATE which may be applied to the same RTE. * checks for the UPDATE which may be applied to the same RTE.
@ -300,9 +324,11 @@ get_row_security_policies(Query *root, RangeTblEntry *rte, int rt_index,
hasSubLinks); hasSubLinks);
/* /*
* Get and add ALL/SELECT policies, if SELECT rights are required * Get and add ALL/SELECT policies, as WCO_RLS_CONFLICT_CHECK
* for this relation, also as WCO policies, again, to avoid * WCOs to ensure they are considered when taking the UPDATE
* silently dropping data. See above. * path of an INSERT .. ON CONFLICT DO UPDATE, if SELECT
* rights are required for this relation, also as WCO policies,
* again, to avoid silently dropping data. See above.
*/ */
if (rte->requiredPerms & ACL_SELECT) if (rte->requiredPerms & ACL_SELECT)
{ {