public inbox for pgsql-hackers@postgresql.org
help / color / mirror / Atom feedFrom: Japin Li <japinli@hotmail.com>
To: Akshay Joshi <akshay.joshi@enterprisedb.com>
Cc: jian he <jian.universality@gmail.com>
Cc: Marcos Pegoraro <marcos@f10.com.br>
Cc: Mark Wong <markwkm@gmail.com>
Cc: Álvaro Herrera <alvherre@kurilemu.de>
Cc: pgsql-hackers <pgsql-hackers@postgresql.org>
Subject: Re: [PATCH] Add pg_get_policy_ddl() function to reconstruct CREATE POLICY statement
Date: Sat, 23 May 2026 00:24:54 +0800
Message-ID: <SY7PR01MB109217288F5A2BD343E7A7727B60F2@SY7PR01MB10921.ausprd01.prod.outlook.com> (raw)
In-Reply-To: <CANxoLDfdZTLLJqXnnfUYG-Uw4LHBKKnB5f1XOdaQ3ZET=K1qnw@mail.gmail.com>
References: <CANxoLDdJsRJqnjMXV3yjsk07Z5iRWxG-c2hZJC7bAKqf8ZXj_A@mail.gmail.com>
<202510151529.s3fpwsgben57@alvherre.pgsql>
<CANxoLDfXKWRQ0KZFtaChr2NX3UWSQq3ji7OJqBp-_-th2Zj6Fg@mail.gmail.com>
<aP-hllbRdgqbmB8L@ltdrgnflg2>
<CANxoLDc8UnFuKA2RX6UR_KZWRH6itmrhXK7hoFyF=5kCyfFOGA@mail.gmail.com>
<CANxoLDfyk_+h91FNq5VNemXTBpES0aLPtLp2myTyWgquUHSQ3A@mail.gmail.com>
<CANxoLDfw=ERY89RR08s+qXwgUQvLCFF0pVG_e0fDT14rwZsWRg@mail.gmail.com>
<CAB-JLwYpfK3WCFJ1MT1sAB7Zj9w61wv7fMuCH2vZGW9W4JP15w@mail.gmail.com>
<CANxoLDdV-ciaYqhWiZCRh3Nv+iW9o1LOGvS83TCZ=5X261OjNA@mail.gmail.com>
<CAB-JLwaDPJupWecAsvmNc7y7L5cQjV5P9epSFsTed1hEDbqUSA@mail.gmail.com>
<CANxoLDczdpL9XZhqrA0f8aOocnr_V0az1dtw8iq9YJoN+tWNbw@mail.gmail.com>
<CANxoLDfD_MnK+2=XrWr_fZRh1qbLriO=7MbbZ9UAcwktydFnBA@mail.gmail.com>
<CACJufxETscX67o0t9S6Y8EBBVE21R0zAEG4eXJUYHLidLNfEKQ@mail.gmail.com>
<CANxoLDfdZTLLJqXnnfUYG-Uw4LHBKKnB5f1XOdaQ3ZET=K1qnw@mail.gmail.com>
Hi, Akshay
On Fri, 22 May 2026 at 19:02, Akshay Joshi <akshay.joshi@enterprisedb.com> wrote:
> Hi hackers,
>
>
> Following the recently committed pg_get_database_ddl(), which adopted a VARIADIC options text[] style for
> DDL-reconstruction functions, here is a patch in the same spirit for row-level security policies.
>
> The new function:
> pg_get_policy_ddl(table regclass, policy_name name, VARIADIC options text[]) RETURNS setof text
>
> Reconstructs the CREATE POLICY statement for the named policy on the given table, returning the result as a single row.
>
> The currently supported option is pretty (boolean) for formatted output.
>
> SELECT * FROM pg_get_policy_ddl('rls_table', 'pol1');
> SELECT * FROM pg_get_policy_ddl('rls_table', 'pol1', 'pretty', 'true');
>
> NULL inputs for table or policy_name return no rows. Unknown option names, invalid boolean values, and duplicate options
> are reported as errors consistent with the pattern established by pg_get_database_ddl().
>
> The patch includes documentation updates in func-info.sgml and regression tests in rowsecurity.sql covering
> PERMISSIVE/RESTRICTIVE, each command type (ALL/SELECT/INSERT/UPDATE/DELETE), TO role lists, both USING and WITH CHECK
> clauses, pretty/non-pretty output, and the error paths above.
>
> Patch is ready for review.
>
> On Mon, Jan 5, 2026 at 8:00 PM jian he <jian.universality@gmail.com> wrote:
>
> On Thu, Nov 20, 2025 at 5:27 PM Akshay Joshi
> <akshay.joshi@enterprisedb.com> wrote:
> >
> > Attached is the v8 patch for your review, with updated variable names and a rebase applied.
> >
> hi.
>
> + <tbody>
> + <row>
> + <entry role="func_table_entry"><para role="func_signature">
> + <indexterm>
> + <primary>pg_get_policy_ddl</primary>
> + </indexterm>
> + <function>pg_get_policy_ddl</function>
> + ( <parameter>table</parameter> <type>regclass</type>,
> <parameter>policy_name</parameter> <type>name</type>, <optional>
> <parameter>pretty</parameter> <type>boolean</type> </optional> )
> + <returnvalue>text</returnvalue>
> + </para>
> + <para>
> + Reconstructs the <command>CREATE POLICY</command> statement from the
> + system catalogs for a specified table and policy name. The result is a
> + comprehensive <command>CREATE POLICY</command> statement.
> + </para></entry>
> + </row>
> + </tbody>
>
> ( <parameter>table</parameter> <type>regclass</type> ...
> this line is way too long, we can split it into several lines, it
> won't affect the appearance.
>
> like:
> <function>pg_get_policy_ddl</function>
> ( <parameter>table</parameter> <type>regclass</type>,
> <parameter>policy_name</parameter> <type>name</type>,
> <optional> <parameter>pretty</parameter>
> <type>boolean</type> </optional> )
> <returnvalue>text</returnvalue>
>
> Also, the explanation does not mention that the default value of
> pretty is false.
>
> index 2d946d6d9e9..a5e22374668 100644
> --- a/src/backend/catalog/system_functions.sql
> +++ b/src/backend/catalog/system_functions.sql
> @@ -657,6 +657,12 @@ LANGUAGE INTERNAL
> STRICT VOLATILE PARALLEL UNSAFE
> AS 'pg_replication_origin_session_setup';
>
> +CREATE OR REPLACE FUNCTION
> + pg_get_policy_ddl(tableID regclass, policyName name, pretty bool
> DEFAULT false)
> +RETURNS text
> +LANGUAGE INTERNAL
> +AS 'pg_get_policy_ddl';
> +
>
> The partial upper casing above has no effect; it's the same as
> ``pg_get_policy_ddl(tableid regclass, policyname name, pretty bool
> DEFAULT false)``
>
Thanks for updating the patch. Just one nitpick below.
+ append_ddl_option(&buf, pretty, 4, "USING (%s)",
+ TextDatumGetCString(expr));
The expression string already contains the parentheses, so we can omit them
here, as well as in the WITH CHECK clause.
--
Regards,
Japin Li
ChengDu WenWu Information Technology Co., Ltd.
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: pgsql-hackers@postgresql.org
Cc: japinli@hotmail.com, akshay.joshi@enterprisedb.com, jian.universality@gmail.com, marcos@f10.com.br, markwkm@gmail.com, alvherre@kurilemu.de
Subject: Re: [PATCH] Add pg_get_policy_ddl() function to reconstruct CREATE POLICY statement
In-Reply-To: <SY7PR01MB109217288F5A2BD343E7A7727B60F2@SY7PR01MB10921.ausprd01.prod.outlook.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox