sql: Verify role applicability for RLS policies #138844
Labels
A-sql-privileges
SQL privilege handling and permission checks.
C-enhancement
Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
T-sql-foundations
SQL Foundations Team (formerly SQL Schema + SQL Sessions)
Comments
spilchen
added
C-enhancement
23 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This issue builds on the work done in #136704 and #136717. While policies are now applied during queries, we have yet to implement a check to determine if the policy applies to the current role.
Currently, the planner identifies the current role by name, whereas policies are stored using role IDs. To resolve this mismatch, we need to cache the role ID in the planner to enable ID-based verification. This approach aligns with related work in #98170.
Jira issue: CRDB-46373
The text was updated successfully, but these errors were encountered: