ACCESS_POLICY
Provides information about existing access policies.
| Column Name | Data Type | Description |
|---|---|---|
| ACCESS_POLICY_OID |
INTEGER |
The unique identifier for the access policy. |
| TABLE_NAME |
VARCHAR |
Name of the table specified in the access policy. |
| IS_POLICY_ENABLED |
BOOLEAN |
Whether the access policy is enabled. |
| POLICY_TYPE |
VARCHAR |
The type of access policy assigned to the table:
|
| EXPRESSION |
VARCHAR |
The expression used when creating the access policy. |
| COLUMN_NAME |
VARCHAR |
The column to which the access policy is assigned. Row policies apply to all columns in the table. |
| TRUST_GRANTS | BOOLEAN | If true, GRANT statements override the access policy when determining whether a user can perform DML operations on the column or row. |
Privileges
By default, only the superuser can view this table. Superusers can grant non-superusers access to this table with the following statement. Non-superusers can only see rows for tables that they own:
=> GRANT SELECT ON access_policy TO PUBLIC
Examples
The following query returns all access policies on table public.customer_dimension:
=> \x
=> SELECT policy_type, is_policy_enabled, table_name, column_name, expression FROM access_policy WHERE table_name = 'public.customer_dimension';
-[ RECORD 1 ]-----+----------------------------------------------------------------------------------------
policy_type | Column Policy
is_policy_enabled | Enabled
table_name | public.customer_dimension
column_name | customer_address
expression | CASE WHEN enabled_role('administrator') THEN customer_address ELSE '**************' END