52.38. pg_policy #

   The catalog pg_policy stores row-level security policies for tables. A
   policy includes the kind of command that it applies to (possibly all
   commands), the roles that it applies to, the expression to be added as
   a security-barrier qualification to queries that include the table, and
   the expression to be added as a WITH CHECK option for queries that
   attempt to add new records to the table.

   Table 52.38. pg_policy Columns

   Column Type

   Description

   oid oid

   Row identifier

   polname name

   The name of the policy

   polrelid oid (references pg_class.oid)

   The table to which the policy applies

   polcmd char

   The command type to which the policy is applied: r for SELECT, a for
   INSERT, w for UPDATE, d for DELETE, or * for all

   polpermissive bool

   Is the policy permissive or restrictive?

   polroles oid[] (references pg_authid.oid)

   The roles to which the policy is applied; zero means PUBLIC (and
   normally appears alone in the array)

   polqual pg_node_tree

   The expression tree to be added to the security barrier qualifications
   for queries that use the table

   polwithcheck pg_node_tree

   The expression tree to be added to the WITH CHECK qualifications for
   queries that attempt to add rows to the table

Note

   Policies stored in pg_policy are applied only when
   pg_class.relrowsecurity is set for their table.