Make BYPASSRLS behave like superuser RLS bypass.

Specifically, make its effect independent from the row_security GUC, and make it affect permission checks pertinent to views the BYPASSRLS role owns. The row_security GUC thereby ceases to change successful-query behavior; it can only make a query fail with an error. Back-patch to 9.5, where BYPASSRLS was introduced.
author: Noah Misch 2015-10-04 00:19:57 +0000
committer: Noah Misch 2015-10-04 00:19:57 +0000
commit: 3cb0a7e75aaa9a7826c769068970ce2200e61023 (patch)
tree: 3aa82c69eed4d228694e2708278da04ce7ed3eb4 /src/include
parent: 23fc0b485d6dfa49ff20fff6c5661be4b12a5bff (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/include/catalog/pg_authid.h b/src/include/catalog/pg_authid.h
index d5f19d6aabb..2c8565ea254 100644
--- a/src/include/catalog/pg_authid.h
+++ b/src/include/catalog/pg_authid.h
@@ -51,7 +51,7 @@ CATALOG(pg_authid,1260) BKI_SHARED_RELATION BKI_ROWTYPE_OID(2842) BKI_SCHEMA_MAC
 	bool		rolcreatedb;	/* allowed to create databases? */
 	bool		rolcanlogin;	/* allowed to log in as session user? */
 	bool		rolreplication; /* role used for streaming replication */
-	bool		rolbypassrls;	/* allowed to bypass row level security? */
+	bool		rolbypassrls;	/* bypasses row level security? */
 	int32		rolconnlimit;	/* max connections allowed (-1=no limit) */
 
 	/* remaining fields may be null; use heap_getattr to read them! */
author	Noah Misch	2015-10-04 00:19:57 +0000
committer	Noah Misch	2015-10-04 00:19:57 +0000
commit	3cb0a7e75aaa9a7826c769068970ce2200e61023 (patch)
tree	3aa82c69eed4d228694e2708278da04ce7ed3eb4 /src/include
parent	23fc0b485d6dfa49ff20fff6c5661be4b12a5bff (diff)