postgresqlpermissions

Fail to inherit BYPASSRLS


In my Postgres database, I create a role group with BYPASSRLS. I assign group to user archibald. I expect user to have BYPASSRLS. However, I find the user cannot bypass the row-level security.

I can work around it by granting BYPASSRLS to archibald directly, but I would like to manage this by group.

Code:

create role group nologin bypassrls;
grant usage on schema public to group;
grant select on all tables in schema public to group;

create user archibald password 'password';
grant group to archibald;

Expected result: archibald should be able to see all rows in all tables. Actual result: He sees nothing due to row-level security.


Solution

  • Like all other properties of a role, you cannot inherit BYPASSRLS. Only privileges and ownership on objects and membership in roles are inherited.