Re: [PATCH] Add pg_get_policy_ddl() function to reconstruct CREATE POLICY statement

public inbox for pgsql-hackers@postgresql.org  
help / color / mirror / Atom feed

From: jian he <jian.universality@gmail.com>
To: Akshay Joshi <akshay.joshi@enterprisedb.com>
Cc: Philip Alger <paalger0@gmail.com>
Cc: pgsql-hackers <pgsql-hackers@postgresql.org>
Subject: Re: [PATCH] Add pg_get_policy_ddl() function to reconstruct CREATE POLICY statement
Date: Thu, 16 Oct 2025 17:14:30 +0800
Message-ID: <CACJufxHND276gdo1oHkj_VrOX7=N3z=ymJHD1s2vgxAeESHO+w@mail.gmail.com> (raw)
In-Reply-To: <CANxoLDdef6wW=T5czPSKPsk3xWeEHTeKxxxYMucmr-HURyoOgQ@mail.gmail.com>
References: <CANxoLDdJsRJqnjMXV3yjsk07Z5iRWxG-c2hZJC7bAKqf8ZXj_A@mail.gmail.com>
	<CAPXBC8+i=c7FCcGr6OR0y=mcx3EfdXuxyk_XYgSQ7+egGvb8vA@mail.gmail.com>
	<CANxoLDdef6wW=T5czPSKPsk3xWeEHTeKxxxYMucmr-HURyoOgQ@mail.gmail.com>

hi. I still can not compile your v2.

../../Desktop/pg_src/src1/postgres/src/backend/utils/adt/ruleutils.c:
In function ‘get_formatted_string’:
../../Desktop/pg_src/src1/postgres/src/backend/utils/adt/ruleutils.c:13770:9:
error: function ‘get_formatted_string’ might be a candidate for
‘gnu_printf’ format attribute [-Werror=suggest-attribute=format]
13770 |         appendStringInfoVA(buf, fmt, args);
      |         ^~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

Maybe you can register your patch on https://commitfest.postgresql.org/
then it will run all CI tests on all kinds of OS.

row security policy qual and with_check_qual can contain sublink/subquery.
but pg_get_expr can not cope with sublink/subquery.

see pg_get_expr comments below:
 * Currently, the expression can only refer to a single relation, namely
 * the one specified by the second parameter.  This is sufficient for
 * partial indexes, column default expressions, etc.  We also support
 * Var-free expressions, for which the OID can be InvalidOid.

see commit 6867f96 and
https://www.postgresql.org/message-id/flat/20211219205422.GT17618%40telsasoft.com

I guess (because I can not compile, mentioned above):
"ERROR:  expression contains variables"
can be triggered by the following setup:

create table t(a int);
CREATE POLICY p1 ON t AS RESTRICTIVE FOR ALL
USING (a IS NOT NULL AND (SELECT 1 = 1 FROM pg_rewrite WHERE
pg_get_function_arg_default(ev_class, 1) !~~ pg_get_expr(ev_qual, 0,
false)));
SELECT pg_get_policy_ddl('t', 'p1', true);

You can also check my patch at https://commitfest.postgresql.org/patch/6054/
which similarly needs to build the POLICY definition for reconstruction.

see RelationBuildRowSecurity, checkExprHasSubLink also.

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: pgsql-hackers@postgresql.org
  Cc: jian.universality@gmail.com, akshay.joshi@enterprisedb.com, paalger0@gmail.com
  Subject: Re: [PATCH] Add pg_get_policy_ddl() function to reconstruct CREATE POLICY statement
  In-Reply-To: <CACJufxHND276gdo1oHkj_VrOX7=N3z=ymJHD1s2vgxAeESHO+w@mail.gmail.com>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox