ACCESS_POLICY

Provides information about existing access policies.

Provides information about existing access policies.

Column Name Data Type Description
ACCESS_POLICY_OID INTEGER The unique identifier for the access policy.
TABLE_NAME VARCHAR Name of the table specified in the access policy.
IS_POLICY_ENABLED BOOLEAN Whether the access policy is enabled.
POLICY_TYPE VARCHAR

The type of access policy assigned to the table:

  • Column Policy

  • Row Policy

EXPRESSION VARCHAR The expression used when creating the access policy.
COLUMN_NAME VARCHAR The column to which the access policy is assigned. Row policies apply to all columns in the table.
TRUST_GRANTS BOOLEAN If true, GRANT statements override the access policy when determining whether a user can perform DML operations on the column or row.

Privileges

By default, only the superuser can view this table. Superusers can grant non-superusers access to this table with the following statement. Non-superusers can only see rows for tables that they own:

=> GRANT SELECT ON access_policy TO PUBLIC

Examples

The following query returns all access policies on table public.customer_dimension:

=> \x
=> SELECT policy_type, is_policy_enabled, table_name, column_name, expression FROM access_policy WHERE table_name = 'public.customer_dimension';
-[ RECORD 1 ]-----+----------------------------------------------------------------------------------------
policy_type       | Column Policy
is_policy_enabled | Enabled
table_name        | public.customer_dimension
column_name       | customer_address
expression        | CASE WHEN enabled_role('administrator') THEN customer_address ELSE '**************' END