RLS comment fixes.

deanrasheed · deanrasheed · commit 9c55391f0f27 · 2017-11-24T14:14:40.000Z
The comments in get_policies_for_relation() say that CREATE POLICY
does not support defining restrictive policies. This is no longer
true, starting from PG10.
diff --git a/src/backend/rewrite/rowsecurity.c b/src/backend/rewrite/rowsecurity.c
@@ -408,11 +408,7 @@ get_policies_for_relation(Relation relation, CmdType cmd, Oid user_id,
 	*permissive_policies = NIL;
 	*restrictive_policies = NIL;
 
-	/*
-	 * First find all internal policies for the relation.  CREATE POLICY does
-	 * not currently support defining restrictive policies, so for now all
-	 * internal policies are permissive.
-	 */
+	/* First find all internal policies for the relation. */
 	foreach(item, relation->rd_rsdesc->policies)
 	{
 		bool		cmd_matches = false;
@@ -450,7 +446,7 @@ get_policies_for_relation(Relation relation, CmdType cmd, Oid user_id,
 		}
 
 		/*
-		 * Add this policy to the list of permissive policies if it applies to
+		 * Add this policy to the relevant list of policies if it applies to
 		 * the specified role.
 		 */
 		if (cmd_matches && check_role_for_policy(policy->roles, user_id))
