I’m new to Postgres’ RLS feature. I believe I’m following the documentation appropriately, but am getting unexpected behavior. Consider the following case:
- i have a table named
report_files - this table has a simple policy,
policy <name> for all using (true) - the user has
grant allpermissions on the table (grant all on all tables in schema testing to testuser;, along withgrant execute on all functions ...andgrant usagefor the schema as well) - the user can now read all fields in the table, but cannot
insertrecords, against expectation
Here’s a really short snippet from psql demonstrating the aforementioned: https://gist.github.com/cdaringe/85dd9a7b1278afe4770869dc494216f3
I have set a permissive policy, which clearly evaluates OK as evidenced by the successful select command.
What can I troubleshoot to get the insert to work?
Thanks!
Advertisement
Answer
ERROR: permission denied for sequence report_files_id_seq
It looks to me like you need to grant your user permission to use the id sequence: report_files_id_seq
You should be able to do this with the following
GRANT USAGE, SELECT ON SEQUENCE report_files_id_seq TO testuser;
Or to bulk add all tables:
GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA <insert schema name here>
ALL is equivalent to USAGE, SELECT, UPDATE