I created a login role in Postgres then I tried to give permissions to modify specified rows on a table using row level security. I've tried thousands times but it doesn't work. I have only one table.
Asked
Active
Viewed 1,682 times
0
-
1How do you know it didn't work? – Łukasz Kamiński Jun 08 '17 at 13:18
-
The screenshot shows that the creation of the rule worked just fine.So what exactly do you mean with "not working"? – Jun 08 '17 at 13:33
-
What the values of id? – Sergey Gershkovich Jun 08 '17 at 17:59
1 Answers
3
You didn't give enough information on what steps you took to come to your conclusion that it doesn't work, so I'll cover both cases:
- You created policy, but didn't enable RLS on table. From documentation:
Note that row-level security must be enabled on the table (using ALTER TABLE ... ENABLE ROW LEVEL SECURITY) in order for created policies to be applied.
- You are testing RLS using owner role, superuser role or role that inherits privileges from one of those. They bypass RLS by default. You can force RLS on table owner by
ALTER TABLE [..] FORCE ROW LEVEL SECURITY, but you can't do that for superuser.
Łukasz Kamiński
- 5,630
- 1
- 19
- 32
-
I have enabled RLS . I created login role sergio and tried to give permissions to this role.Logged in as sergio and when i try to access my table i get an error message. No permissions . I posted the screenshot to be sure that I have not made a syntax mistake. any idea ? – Sergio Merdani Jun 08 '17 at 14:14
-
Can you update your question with table definition from pgAdmin, including create query and permission grants? – Łukasz Kamiński Jun 09 '17 at 06:17
-
hello friend ! I added image as another below. If u have a solution it will be great. Thanks – Sergio Merdani Jun 09 '17 at 10:26
-
Also, any roles with the attributes 'superuser' or 'bypassrls' will never have RLS applied to them. In `psql` you can run `\dg` to see these attributes for all roles. – Silveri Nov 02 '18 at 13:30