How Do I Create an "Any Logged-In User" Policy With PostgreSQL Row-Level Security

Time:01-22

I'm trying to create a policy that lets any logged-in user create a record in a "resources" table. I can create the policy just fine:

CREATE POLICY insert_resources
ON public.resources
FOR INSERT TO public_user WITH CHECK (
    (NULLIF(CURRENT_SETTING('jwt.claims.person_id', true), '')) IS NOT NULL
);

However, I must be doing something wrong, because when I try to do an INSERT as a logged-in user, I get a "permission denied for table resources" aclcheck_error.

I'm pretty sure that's the only relevant policy, because when I run:

SELECT *
FROM pg_policies
WHERE tablename = 'resources'
    AND cmd='INSERT';

... it's the only policy that shows up.

Can any PostgreSQL (row-level security) experts help explain what's wrong with my policy?

CodePudding user response:

A "permission denied for table" error sounds like you didn't GRANT the INSERT privilege on that table to the public_user user.
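
The distinction the answer points at, shown as an added example that is not part of the original question or answer: the table privilege (GRANT) is checked before any row-level security policy is evaluated, and the two failures produce different errors. It assumes a scratch database and a superuser session; the single `name` column and the claim value are constructed, while the role, table and policy names come from the question.

```sql
-- Added example: run in a scratch database as a superuser.
-- The column layout and the claim value '42' are constructed for illustration.
BEGIN;

CREATE ROLE public_user NOLOGIN;
CREATE TABLE public.resources (name text NOT NULL);
ALTER TABLE public.resources ENABLE ROW LEVEL SECURITY;

CREATE POLICY insert_resources
ON public.resources
FOR INSERT TO public_user WITH CHECK (
    (NULLIF(CURRENT_SETTING('jwt.claims.person_id', true), '')) IS NOT NULL
);

-- Simulate a logged-in request: switch role and set the claim for this transaction.
SET LOCAL ROLE public_user;
SELECT set_config('jwt.claims.person_id', '42', true);

-- 1. Policy exists and the claim is set, but the role has no table privilege.
SELECT has_table_privilege('public_user', 'public.resources', 'INSERT');  -- false
SAVEPOINT no_grant;
INSERT INTO public.resources (name) VALUES ('first');
-- ERROR:  permission denied for table resources
ROLLBACK TO no_grant;

-- 2. Grant the privilege (as the owner), then retry as public_user.
RESET ROLE;
GRANT INSERT ON public.resources TO public_user;
SET LOCAL ROLE public_user;
INSERT INTO public.resources (name) VALUES ('first');
-- INSERT 0 1

-- 3. With the privilege in place, the policy is what rejects a request
--    that carries no person_id claim.
SAVEPOINT no_claim;
SELECT set_config('jwt.claims.person_id', '', true);
INSERT INTO public.resources (name) VALUES ('second');
-- ERROR:  new row violates row-level security policy for table "resources"
ROLLBACK TO no_claim;

-- Discard the role, table, policy and grant created above.
ROLLBACK;
```

A policy only filters rows for roles that already hold the matching privilege, so the GRANT defines who may attempt the INSERT and the `WITH CHECK` expression defines which rows are accepted.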
