On 9/23/15 2:52 PM, Stephen Frost wrote:
>> That might be reasonable, but the documentation is completely wrong
>> about that.
>
> Really? I feel pretty confident that it's at least mentioned. I
> agree that it should be made more clear.
I quoted the documentation at the beginning of the thread. That's all I
could find about it.
>> That said, why even have USING and CHECK as separate clauses? Can't you
>> just create different policies if you want them different?
>>
>> Hypothetical example:
>>
>> CREATE POLICY p1 ON t1 FOR SELECT CHECK (extract(year from entered_on) =
>> extract(year from current_timestamp));
>> CREATE POLICY p2 ON t2 FOR INSERT, UPDATE, DELETE CHECK (entered_by =
>> current_user);
>
> USING is about visibility of existing records, WITH CHECK is in regards
> to new rows being added to the relation (either through an INSERT or an
> UPDATE).
That makes sense, but then the current behavior that I mentioned at the
beginning of the thread is wrong. If you think these clauses are
clearly separate, then they should be, er, clearly separate.
Maybe the syntax can be tweaked a little, like USING AND CHECK or
whatever. Not that USING and CHECK are terribly intuitive in this
context anyway.