<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML ><HEAD ><TITLE >pg_policy</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK REV="MADE" HREF="mailto:pgsql-docs@postgresql.org"><LINK REL="HOME" TITLE="PostgreSQL 9.6.4 Documentation" HREF="index.html"><LINK REL="UP" TITLE="System Catalogs" HREF="catalogs.html"><LINK REL="PREVIOUS" TITLE="pg_pltemplate" HREF="catalog-pg-pltemplate.html"><LINK REL="NEXT" TITLE="pg_proc" HREF="catalog-pg-proc.html"><LINK REL="STYLESHEET" TYPE="text/css" HREF="stylesheet.css"><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1"><META NAME="creation" CONTENT="2017-08-11T02:27:18"></HEAD ><BODY CLASS="SECT1" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="4" ALIGN="center" VALIGN="bottom" ><A HREF="index.html" >PostgreSQL 9.6.4 Documentation</A ></TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="top" ><A TITLE="pg_pltemplate" HREF="catalog-pg-pltemplate.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="10%" ALIGN="left" VALIGN="top" ><A HREF="catalogs.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="60%" ALIGN="center" VALIGN="bottom" >Chapter 50. System Catalogs</TD ><TD WIDTH="20%" ALIGN="right" VALIGN="top" ><A TITLE="pg_proc" HREF="catalog-pg-proc.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="CATALOG-PG-POLICY" >50.37. <TT CLASS="STRUCTNAME" >pg_policy</TT ></A ></H1 ><P > The catalog <TT CLASS="STRUCTNAME" >pg_policy</TT > stores row level security policies for tables. A policy includes the kind of command that it applies to (possibly all commands), the roles that it applies to, the expression to be added as a security-barrier qualification to queries that include the table, and the expression to be added as a <TT CLASS="LITERAL" >WITH CHECK</TT > option for queries that attempt to add new records to the table. </P ><DIV CLASS="TABLE" ><A NAME="AEN108245" ></A ><P ><B >Table 50-37. <TT CLASS="STRUCTNAME" >pg_policy</TT > Columns</B ></P ><TABLE BORDER="1" CLASS="CALSTABLE" ><COL><COL><COL><COL><THEAD ><TR ><TH >Name</TH ><TH >Type</TH ><TH >References</TH ><TH >Description</TH ></TR ></THEAD ><TBODY ><TR ><TD ><TT CLASS="STRUCTFIELD" >polname</TT ></TD ><TD ><TT CLASS="TYPE" >name</TT ></TD ><TD > </TD ><TD >The name of the policy</TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >polrelid</TT ></TD ><TD ><TT CLASS="TYPE" >oid</TT ></TD ><TD ><TT CLASS="LITERAL" ><A HREF="catalog-pg-class.html" ><TT CLASS="STRUCTNAME" >pg_class</TT ></A >.oid</TT ></TD ><TD >The table to which the policy applies</TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >polcmd</TT ></TD ><TD ><TT CLASS="TYPE" >char</TT ></TD ><TD > </TD ><TD >The command type to which the policy is applied: <TT CLASS="LITERAL" >r</TT > for <TT CLASS="COMMAND" >SELECT</TT >, <TT CLASS="LITERAL" >a</TT > for <TT CLASS="COMMAND" >INSERT</TT >, <TT CLASS="LITERAL" >w</TT > for <TT CLASS="COMMAND" >UPDATE</TT >, <TT CLASS="LITERAL" >d</TT > for <TT CLASS="COMMAND" >DELETE</TT >, or <TT CLASS="LITERAL" >*</TT > for all</TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >polroles</TT ></TD ><TD ><TT CLASS="TYPE" >oid[]</TT ></TD ><TD ><TT CLASS="LITERAL" ><A HREF="catalog-pg-authid.html" ><TT CLASS="STRUCTNAME" >pg_authid</TT ></A >.oid</TT ></TD ><TD >The roles to which the policy is applied</TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >polqual</TT ></TD ><TD ><TT CLASS="TYPE" >pg_node_tree</TT ></TD ><TD > </TD ><TD >The expression tree to be added to the security barrier qualifications for queries that use the table</TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >polwithcheck</TT ></TD ><TD ><TT CLASS="TYPE" >pg_node_tree</TT ></TD ><TD > </TD ><TD >The expression tree to be added to the WITH CHECK qualifications for queries that attempt to add rows to the table</TD ></TR ></TBODY ></TABLE ></DIV ><DIV CLASS="NOTE" ><BLOCKQUOTE CLASS="NOTE" ><P ><B >Note: </B > Policies stored in <TT CLASS="STRUCTNAME" >pg_policy</TT > are applied only when <TT CLASS="STRUCTNAME" >pg_class</TT >.<TT CLASS="STRUCTFIELD" >relrowsecurity</TT > is set for their table. </P ></BLOCKQUOTE ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="catalog-pg-pltemplate.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="catalog-pg-proc.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><TT CLASS="STRUCTNAME" >pg_pltemplate</TT ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="catalogs.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><TT CLASS="STRUCTNAME" >pg_proc</TT ></TD ></TR ></TABLE ></DIV ></BODY ></HTML >