diff options
| author | Bruce Momjian | 2024-11-18 20:34:59 +0000 |
|---|---|---|
| committer | Bruce Momjian | 2024-11-18 20:34:59 +0000 |
| commit | cffca3665d8238dddf7afb4a3404866e375195c5 (patch) | |
| tree | 2b7c27b4f450fac8a17bd344cb0adac2d6d8b631 | |
| parent | 18ea6b3d0da357b5874ab9cf41350d4473b01ee9 (diff) | |
doc: clarify text about combining row-level policies
Reported-by: [email protected]
Discussion: https://postgr.es/m/[email protected]
Backpatch-through: master
| -rw-r--r-- | doc/src/sgml/ddl.sgml | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/src/sgml/ddl.sgml b/doc/src/sgml/ddl.sgml index 3c56610d2ac..08155b156a5 100644 --- a/doc/src/sgml/ddl.sgml +++ b/doc/src/sgml/ddl.sgml @@ -2628,7 +2628,8 @@ GRANT SELECT (col1), UPDATE (col1) ON mytable TO miriam_rw; When multiple policies apply to a given query, they are combined using either <literal>OR</literal> (for permissive policies, which are the default) or using <literal>AND</literal> (for restrictive policies). - This is similar to the rule that a given role has the privileges + The <literal>OR</literal> behavior is similar to the rule that a given + role has the privileges of all roles that they are a member of. Permissive vs. restrictive policies are discussed further below. </para> |