Re: Clarification on RLS policy

On Fri, Apr 25, 2025 at 9:09 AM Vydehi Ganti <rayudugs@gmail.com> wrote:
> We are presently using Postgresql:PostgreSQL 15.12 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 8.5.0 20210514 (Red
Hat8.5.0-23), 64-bit 
> I have a scenario where
> 1.I need to enforce RLS policy on a table for Select by calling a Function
> 2.The function would return a character varying string which should be appended to the select as a filter.
> Ex: Select * from employee would be appended with where 1=1;
> 3.When we try to implement it says the below error.
> ERROR: invalid input syntax for type boolean: "1=1" CONTEXT: PL/pgSQL function function name(name,name) while casting
returnvalue to function's return type 
> 4.It works fine on Oracle. Can you please suggest how to fix this issue?

In PostgreSQL, you won't have to resort to the 1=1 trick like on Oracle.

    // One RLS is active, it is an implicit DENY on all DML types.
    // So we must explicitly allow SELECTs, using a dummy `USING (true)` policy.
    // Note that we use ALL, and not just SELECT, because we used RESTRICTIVE
    // on the UPDATE policy (needs at last one PERMISSIVE policy)
    CREATE POLICY rls_pass_thru ON {} FOR ALL USING (true)

(replace {} with a table name). --DD