2.1 KiB
2.1 KiB
title, language
| title | language |
|---|---|
| CREATE-POLICY | en |
CREATE-POLICY
Name
CREATE POLICY
Description
Create security policies and explain to view the rewritten SQL.
行安全策略
grammar:
CREATE ROW POLICY test_row_policy_1 ON test.table1
AS {RESTRICTIVE|PERMISSIVE} TO test USING (id in (1, 2));
illustrate:
- filterType:It is usual to constrict a set of policies through AND. PERMISSIVE to constrict a set of policies through OR
- Configure multiple policies. First, merge the RESTRICTIVE policy with the PERMISSIVE policy
- It is connected with AND between RESTRICTIVE AND PERMISSIVE
- It cannot be created for users root and admin
Example
-
Create a set of row security policies
CREATE ROW POLICY test_row_policy_1 ON test.table1 AS RESTRICTIVE TO test USING (c1 = 'a');CREATE ROW POLICY test_row_policy_2 ON test.table1 AS RESTRICTIVE TO test USING (c2 = 'b');CREATE ROW POLICY test_row_policy_3 ON test.table1 AS PERMISSIVE TO test USING (c3 = 'c');CREATE ROW POLICY test_row_policy_3 ON test.table1 AS PERMISSIVE TO test USING (c4 = 'd');When we execute the query on Table1, the rewritten SQL is
select * from (select * from table1 where c1 = 'a' and c2 = 'b' or c3 = 'c' or c4 = 'd')
Keywords
CREATE, POLICY