ALTER ROW LEVEL SECURITY POLICY modifies an existing row-level access control policy, including the policy name and the users and expressions affected by the policy.
Only the table owner or administrators can perform this operation.
1 2 3 4 5 | ALTER [ ROW LEVEL SECURITY ] POLICY [ IF EXISTS ] policy_name ON table_name RENAME TO new_policy_name ALTER [ ROW LEVEL SECURITY ] POLICY policy_name ON table_name [ TO { role_name | PUBLIC } [, ...] ] [ USING ( using_expression ) ] |
Specifies the name of a row-level access control policy to be modified.
Specifies the name of a table to which a row-level access control policy is applied.
Specifies the new name of a row-level access control policy.
Specifies names of users affected by a row-level access control policy will be applied. PUBLIC indicates that the row-level access control policy will affect all users.
Specifies an expression defined for a row-level access control policy. The return value is of the boolean type.
Create example users role_a and role_b.
1 2 | CREATE ROLE role_a PASSWORD '{Password}'; CREATE ROLE role_b PASSWORD '{Password}'; |
Create example data table public.all_data_t and insert data into it.
1 2 3 4 | CREATE TABLE public.all_data_t(id int, role varchar(100), data varchar(100)); INSERT INTO all_data_t VALUES(1, 'role_a', 'r_a_data'); INSERT INTO all_data_t VALUES(2, 'role_b', 'r_b_data'); INSERT INTO all_data_t VALUES(3, 'role_c', 'r_c_data'); |
Create a row-level access control policy.
1 | CREATE ROW LEVEL SECURITY POLICY all_data_t_rls ON all_data_t USING(role = CURRENT_USER); |
Enable row-level access control.
1 | ALTER TABLE all_data_t ENABLE ROW LEVEL SECURITY; |
Change the name of the all_data_rls policy.
1 | ALTER ROW LEVEL SECURITY POLICY all_data_t_rls ON all_data_t RENAME TO all_data_t_newrls; |
Change the users affected by the row-level access control policy.
1 | ALTER ROW LEVEL SECURITY POLICY all_data_t_newrls ON all_data_t TO role_a, role_b; |
Modify the expression defined for the access control policy.
1 | ALTER ROW LEVEL SECURITY POLICY all_data_t_newrls ON all_data_t USING (id > 100 AND role = current_user); |