Hello everyone! I was wondering if I define different RLS rules for the same method (SELECT, INSERT, etc); will it behave like a OR?, (as long as any of the policies passes, it will allow the operation), or will it act just like an AND?, (all the policies must pass to allow the operation? Thanks in advance!

Hello @Haus Of Alejandro! This thread has been automatically created from your message in #843999948717555735 a few seconds ago. We have already mentioned the @User so that they can see your message and help you as soon as possible! Want to unsubscribe from this thread? Right-click the thread in Discord (or use the ``...`` menu) and select "Leave Thread" to unsubscribe from future updates. Want to change the title? Use the ``/title`` command! We have solved your problem? Click the button below to archive it.

@Haus Of Alejandro I believe it’s operation specific. So the RLS rule for selects is applied for any selects on that table. Updates have the update policy applied etc. I don’t believe any have to do with any other.

@jaitaiwan thank you, but what if I define two or more policies for the same operation? (eg. two for SELECT)?

Are they both set to permissive?

Yes

“When multiple policies apply to a given query, they are combined using either OR (for permissive policies, which are the default) or using AND (for restrictive policies). This is similar to the rule that a given role has the privileges of all roles that they are a member of. Permissive vs. restrictive policies are discussed further below.” From https://www.postgresql.org/docs/current/ddl-rowsecurity.html

Ohhh! @jaitaiwan thanks a lot!

No worries!

Thread was archived by @Haus Of Alejandro. Anyone can send a message to unarchive it.