行级安全性 - 更新行
Row level security - Update Rows
您好,我正在使用 Postgres,我有一个角色“my_role”,我想更新一个 table 的记录,仅当我的 corporate_id 与其他 table.
我想为人 table 创建一个政策,我有一个来自我公司 table 的 corporate_id 来开车去获取这些信息,就像这样:
SELECT * FROM person p
INNER JOIN person_brand a ON p.person_id=a.person_id
INNER JOIN brand b ON a.brand_id=b.brand_id
INNER JOIN corporate c on b.corporate_id=c.corporate_id
WHERE c.corporate_id=corporate_id
我的政策是这样的:
ALTER TABLE core.person ENABLE ROW LEVEL SECURITY;
CREATE POLICY person_corporation_all
ON person
AS PERMISSIVE
FOR UPDATE
TO "my_role"
USING (EXISTS(SELECT 1 FROM person p
INNER JOIN person_brand a ON p.person_id=a.person_id
INNER JOIN brand b ON a.brand_id=b.brand_id
INNER JOIN corporate c on b.corporate_id=c.corporate_id
WHERE c.corporate_id=corporate_id));
但是告诉我这个错误:
ERROR: column reference "corporate_id" is ambiguous
SQL state: 42702
我需要将什么作为变量发送到我的查询中?
此致
您将有一个嵌套策略,因为在验证中您再次拥有 person table,您需要将其删除,并使用 [=15] 的名称引用列=] person,例如:
CREATE POLICY person_corporation_all
ON person
AS PERMISSIVE
FOR UPDATE
TO "my_role"
USING (EXISTS(SELECT 1 FROM person_brand a
INNER JOIN brand b ON a.brand_id=b.brand_id
INNER JOIN corporate c on b.corporate_id=c.corporate_id
WHERE a.person_id=person.person_id and c.corporate_id=person.corporate_id));
您好,我正在使用 Postgres,我有一个角色“my_role”,我想更新一个 table 的记录,仅当我的 corporate_id 与其他 table.
我想为人 table 创建一个政策,我有一个来自我公司 table 的 corporate_id 来开车去获取这些信息,就像这样:
SELECT * FROM person p
INNER JOIN person_brand a ON p.person_id=a.person_id
INNER JOIN brand b ON a.brand_id=b.brand_id
INNER JOIN corporate c on b.corporate_id=c.corporate_id
WHERE c.corporate_id=corporate_id
我的政策是这样的:
ALTER TABLE core.person ENABLE ROW LEVEL SECURITY;
CREATE POLICY person_corporation_all
ON person
AS PERMISSIVE
FOR UPDATE
TO "my_role"
USING (EXISTS(SELECT 1 FROM person p
INNER JOIN person_brand a ON p.person_id=a.person_id
INNER JOIN brand b ON a.brand_id=b.brand_id
INNER JOIN corporate c on b.corporate_id=c.corporate_id
WHERE c.corporate_id=corporate_id));
但是告诉我这个错误:
ERROR: column reference "corporate_id" is ambiguous
SQL state: 42702
我需要将什么作为变量发送到我的查询中?
此致
您将有一个嵌套策略,因为在验证中您再次拥有 person table,您需要将其删除,并使用 [=15] 的名称引用列=] person,例如:
CREATE POLICY person_corporation_all
ON person
AS PERMISSIVE
FOR UPDATE
TO "my_role"
USING (EXISTS(SELECT 1 FROM person_brand a
INNER JOIN brand b ON a.brand_id=b.brand_id
INNER JOIN corporate c on b.corporate_id=c.corporate_id
WHERE a.person_id=person.person_id and c.corporate_id=person.corporate_id));