【发布时间】:2021-04-09 19:05:36
【问题描述】:
我已将 RLS 策略应用于“用户”表,并希望仅检索带有 tenant_id=2 的记录:
CREATE TABLE "users" ("name" text UNIQUE NOT NULL, "tenant_id" int NOT NULL DEFAULT current_setting('app.current_tenant')::int);
--Enable Row Security Policies
ALTER TABLE users ENABLE ROW LEVEL SECURITY;
ALTER TABLE users FORCE ROW LEVEL SECURITY;
CREATE POLICY tenant_isolation_policy ON users USING (tenant_id = current_setting('app.current_tenant')::int);
--Set "111" as the current tenant.
SET app.current_tenant TO 1;
INSERT INTO users VALUES ('admin');
INSERT INTO users VALUES ('bob');
--Set "222" as the current tenant.
SET app.current_tenant TO 2;
INSERT INTO users VALUES ('alice');
--Data output
SELECT * FROM users;
但我得到了结果中的所有用户:
name tenant_id
admin 1
bob 1
alice 2
为什么会这样?
这是我所坚持的 dbFiddle: https://www.db-fiddle.com/f/iFktvVsDNYKggUNT2oDJBV/0
【问题讨论】:
-
您使用哪个(数据库)用户来运行该 SELECT
标签: postgresql rls