Why isn't row level security enabled for Postgres views?
Basically because it wasn't possible to retroactively change how views work. I'd like to be able to support SECURITY INVOKER
(or equivalent) for views but as far as I know no such feature presently exists.
You can filter access to the view its self with row security normally.
The tables accessed by the view will also have their row security rules applied. However, they'll see the current_user
as the view creator because views access tables (and other views) with the rights of the user who created/owns the view.
Maybe it'd be worth raising this on pgsql-hackers if you're willing to step in and help with development of the feature you need, or pgsql-general otherwise?
That said, while views access tables as the creating user and change current_user
accordingly, they don't prevent you from using custom GUCs, the session_user
, or other contextual information in row security policies. You can use row security with views, just not (usefully) to filter based on current_user
.
The row level security policy can still be applied in the WHERE
clause of the view. For example:
WHERE my_security_policy_function(person_id)