Greetings, * Dean Rasheed (dean.a.rash...@gmail.com) wrote: > On Thu, 21 Mar 2019 at 00:39, PG Bug reporting form > <nore...@postgresql.org> wrote: > > > > This fails, seemingly because the RLS on 'bar' is being checked by alice, > > instead of the view owner bob: > > Yes I agree, that appears to be a bug. The subquery in the RLS policy > should be checked as the view owner -- i.e., we need to propagate the > checkAsUser for the RTE with RLS to any subqueries in its RLS > policies.
Agreed. > It looks like the best place to fix it is in > get_policies_for_relation(), since that's where all the policies to be > applied for a given RTE are pulled together. Patch attached. Yes, on a quick review, that looks like a good solution to me as well. Thanks! Stephen
signature.asc
Description: PGP signature
