sql: Skip RLS policies when table is access for FK relationship and unique/PK constraints #136747
Assignees
Labels
A-sql-privileges
SQL privilege handling and permission checks.
C-enhancement
Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
T-sql-foundations
SQL Foundations Team (formerly SQL Schema + SQL Sessions)
Comments
spilchen
added
C-enhancement
35 tasks
exalate-issue-sync
bot
changed the title
exalate-issue-sync
bot
changed the title
spilchen
added a commit
to spilchen/cockroach
that referenced
this issue
Mar 18, 2025
Unique and foreign key constraints on tables with row-level security (RLS) enabled are exempt from RLS policies when enforcing constraints. This exemption was implemented previously. This commit adds tests to validate that RLS policies do not interfere with constraint enforcement. Closes cockroachdb#136747 Epic: CRDB-45203 Release note: none
spilchen
added a commit
to spilchen/cockroach
that referenced
this issue
Mar 18, 2025
Unique and foreign key constraints on tables with row-level security (RLS) enabled are exempt from RLS policies when enforcing constraints. This exemption was implemented previously. This commit adds tests to validate that RLS policies do not interfere with constraint enforcement. Closes cockroachdb#136747 Epic: CRDB-45203 Release note: none
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If a table has a foreign key relationship, row-level security (RLS) policies should not be applied when reading from or writing to the target table during foreign key-related operations.
It is currently unclear whether any changes are needed to ensure this behavior, as it may already work as intended. If no changes are required, this issue will focus on adding tests to verify that RLS policies do not interfere with foreign key-related queries.
Jira issue: CRDB-45228
The text was updated successfully, but these errors were encountered: