aboutsummaryrefslogtreecommitdiff
path: root/src/include/rewrite/rowsecurity.h
blob: 245005cae2ebdc0061041dec7839a71d130fc11a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
/* -------------------------------------------------------------------------
 *
 * rowsecurity.h
 *    prototypes for optimizer/rowsecurity.c
 *
 * Portions Copyright (c) 1996-2012, PostgreSQL Global Development Group
 * Portions Copyright (c) 1994, Regents of the University of California
 *
 * -------------------------------------------------------------------------
 */
#ifndef ROWSECURITY_H
#define ROWSECURITY_H

#include "nodes/execnodes.h"
#include "nodes/parsenodes.h"
#include "nodes/relation.h"
#include "utils/array.h"

typedef struct RowSecurityPolicy
{
	Oid					rsecid;
	char			   *policy_name;
	char				cmd;
	ArrayType		   *roles;
	Expr			   *qual;
	Expr			   *with_check_qual;
	bool				hassublinks;
} RowSecurityPolicy;

typedef struct RowSecurityDesc
{
	MemoryContext		rscxt;		/* row-security memory context */
	List			   *policies;	/* list of row-security policies */
} RowSecurityDesc;

/* GUC variable */
extern int row_security;

/* Possible values for row_security GUC */
typedef enum RowSecurityConfigType
{
	ROW_SECURITY_OFF,
	ROW_SECURITY_ON,
	ROW_SECURITY_FORCE
} RowSecurityConfigType;

/*
 * Used by callers of check_enable_rls.
 *
 * RLS could be completely disabled on the tables involved in the query,
 * which is the simple case, or it may depend on the current environment
 * (the role which is running the query or the value of the row_security
 * GUC- on, off, or force), or it might be simply enabled as usual.
 *
 * If RLS isn't on the table involved then RLS_NONE is returned to indicate
 * that we don't need to worry about invalidating the query plan for RLS
 * reasons.  If RLS is on the table, but we are bypassing it for now, then
 * we return RLS_NONE_ENV to indicate that, if the environment changes,
 * we need to invalidate and replan.  Finally, if RLS should be turned on
 * for the query, then we return RLS_ENABLED, which means we also need to
 * invalidate if the environment changes.
 */
enum CheckEnableRlsResult
{
	RLS_NONE,
	RLS_NONE_ENV,
	RLS_ENABLED
};

typedef List *(*row_security_policy_hook_type)(CmdType cmdtype,
											   Relation relation);

extern PGDLLIMPORT row_security_policy_hook_type row_security_policy_hook;

extern bool prepend_row_security_policies(Query* root, RangeTblEntry* rte,
									   int rt_index);

extern int check_enable_rls(Oid relid, Oid checkAsUser);

#endif	/* ROWSECURITY_H */