兼容VPD功能

atlasdb=# create or replace function f1(schema text, object text) 
atlasdb-# returns text as $$
atlasdb$# declare                                           
atlasdb$# begin                         
atlasdb$#   return 'id1 between 1 and 2 and id2 between 3 and 4 --可以进行复杂的语义检查';
atlasdb$# end;
atlasdb$# $$
atlasdb-# language plpgsql;
CREATE FUNCTION
atlasdb=# --系统表，不允许添加policy
atlasdb=# select dbms_rls.add_policy(
atlasdb(#     object_name => 'pg_class',
atlasdb(#     policy_name => 'mypolicy1',
atlasdb(#     policy_function => 'f1',
atlasdb(#     object_schema => 'pg_catalog',
atlasdb(#     enable => true
atlasdb(# );

select dbms_rls.add_policy(
    object_name => 't1',
    policy_name => 'mypolicy1',
    policy_function => 'f1',
    enable => true
);

--没有敏感列，自动带上where条件
explain (COSTS false) select id1 from t1; 
explain (COSTS false) select id2 from t1;
explain (COSTS false) select * from t1 where id2=10;
explain (COSTS false) delete from t1;
explain (COSTS false) delete from t1 where id1 = 1;
explain (COSTS false) update t1 set id1=1;

--关掉policy
select dbms_rls.enable_policy(
    object_name => 't1',
    policy_name => 'mypolicy1',
    enable => false
ERROR:  cant not apply policy on pg_catalog.pg_class
CONTEXT:  SQL statement "CALL dbms_rls_add_policy(object_name,policy_name,policy_function,object_schema,function_schema,statement_types,update_check,enable,sec_relevant_cols
            )"
PL/pgSQL function dbms_rls.add_policy(text,text,text,text,text,text,boolean,boolean,text) line 2 at PERFORM
referenced column: add_policy
atlasdb=# atlasdb=# atlasdb(# atlasdb(# atlasdb(# atlasdb(# atlasdb(# );
ERROR:  policy object t1 does not exist
CONTEXT:  SQL statement "CALL dbms_rls_add_policy(object_name,policy_name,policy_function,object_schema,function_schema,statement_types,update_check,enable,sec_relevant_cols
            )"
PL/pgSQL function dbms_rls.add_policy(text,text,text,text,text,text,boolean,boolean,text) line 2 at PERFORM
referenced column: add_policy
atlasdb=# atlasdb=# atlasdb=# 
--执行计划恢复正常
explain (COSTS false) select id1 from t1;
   QUERY PLAN   
----------------
 Seq Scan on t1
(1 row)

atlasdb=#    QUERY PLAN   
----------------
 Seq Scan on t1
(1 row)

atlasdb=# explain (COSTS false) select id2 from t1;
explain (COSTS false) select * from t1 where id2=10;
explain (COSTS false) delete from t1;
explain (COSTS false) delete from t1 where id1 = 1;
      QUERY PLAN      
----------------------
 Seq Scan on t1
   Filter: (id2 = 10)
(2 rows)

atlasdb=# explain (COSTS false) update t1 set id1=1;      QUERY PLAN      
----------------------
 Delete on t1
   ->  Seq Scan on t1
(2 rows)

atlasdb=#         QUERY PLAN         
---------------------------
 Delete on t1
   ->  Seq Scan on t1
         Filter: (id1 = 1)
(3 rows)

atlasdb=#       QUERY PLAN      
----------------------
 Update on t1
   ->  Seq Scan on t1
(2 rows)

atlasdb=# atlasdb=# atlasdb=# atlasdb(# atlasdb(# atlasdb(# atlasdb(# ERROR:  policy object t1 does not exist
CONTEXT:  SQL statement "CALL dbms_rls_enable_policy(object_name,policy_name,enable,object_schema)"
PL/pgSQL function dbms_rls.enable_policy(text,text,boolean,text) line 2 at PERFORM
referenced column: enable_policy
atlasdb=# atlasdb=# atlasdb=#    QUERY PLAN   
----------------
 Seq Scan on t1
(1 row)

atlasdb=#    QUERY PLAN   
----------------
 Seq Scan on t1
(1 row)

atlasdb=#       QUERY PLAN      
----------------------
 Seq Scan on t1
   Filter: (id2 = 10)
(2 rows)

atlasdb=#       QUERY PLAN      
----------------------
 Delete on t1
   ->  Seq Scan on t1
(2 rows)

atlasdb=#         QUERY PLAN         
---------------------------
 Delete on t1
   ->  Seq Scan on t1
         Filter: (id1 = 1)
(3 rows)
VastbaseE100

兼容VPD功能

弹框头部
