From 227a6ea65740bb8c5b1f37df016d7861fcba11c5 Mon Sep 17 00:00:00 2001
From: Dean Rasheed <dean.a.rasheed@gmail.com>
Date: Wed, 11 Feb 2026 10:25:05 +0000
Subject: [PATCH] doc: Clarify RLS policies applied for ON CONFLICT DO NOTHING.

On the CREATE POLICY page, the description of per-command policies
stated that SELECT policies are applied when an INSERT has an ON
CONFLICT DO NOTHING clause. However, that is only the case if it
includes an arbiter clause, so clarify that.

While at it, also clarify the comment in the regression tests that
cover this.

Author: Dean Rasheed <dean.a.rasheed@gmail.com>
Reviewed-by: Viktor Holmberg <v@viktorh.net>
Discussion: https://postgr.es/m/CAEZATCXGwMQ+x00YY9XYG46T0kCajH=21QaYL9Xatz0dLKii+g@mail.gmail.com
Backpatch-through: 14
---
 doc/src/sgml/ref/create_policy.sgml       | 10 ++++++++--
 src/test/regress/expected/rowsecurity.out |  5 +++--
 src/test/regress/sql/rowsecurity.sql      |  5 +++--
 3 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/doc/src/sgml/ref/create_policy.sgml b/doc/src/sgml/ref/create_policy.sgml
index 42d43ad7bf4..9065ccb65f9 100644
--- a/doc/src/sgml/ref/create_policy.sgml
+++ b/doc/src/sgml/ref/create_policy.sgml
@@ -294,7 +294,9 @@ CREATE POLICY <replaceable class="parameter">name</replaceable> ON <replaceable
        </para>
        <para>
          If an <literal>INSERT</literal> has an <literal>ON CONFLICT DO
-         NOTHING/UPDATE</literal> clause, <literal>SELECT</literal>
+         UPDATE</literal> clause, or an <literal>ON CONFLICT DO
+         NOTHING</literal> clause with an arbiter index or constraint
+         specification, then <literal>SELECT</literal>
          permissions are required on the relation, and the rows proposed for
          insertion are checked using the relation's <literal>SELECT</literal>
          policies.  If a row proposed for insertion does not satisfy the
@@ -540,7 +542,11 @@ CREATE POLICY <replaceable class="parameter">name</replaceable> ON <replaceable
       <row>
        <entry><command>INSERT ... ON CONFLICT</command></entry>
        <entry>
-        Check new row&nbsp;<footnote id="rls-on-conflict-priv">
+        Check new row&nbsp;<footnote>
+         <para>
+          If an arbiter index or constraint is specified.
+         </para>
+        </footnote><footnote id="rls-on-conflict-priv">
          <para>
           Row proposed for insertion is checked regardless of whether or not a
           conflict occurs.
diff --git a/src/test/regress/expected/rowsecurity.out b/src/test/regress/expected/rowsecurity.out
index c958ef4d70a..e17f9188dfa 100644
--- a/src/test/regress/expected/rowsecurity.out
+++ b/src/test/regress/expected/rowsecurity.out
@@ -170,8 +170,9 @@ NOTICE:  SELECT USING on rls_test_tgt.(1,"tgt d","TGT D")
  1 | tgt d | TGT D
 (1 row)
 
--- INSERT ... ON CONFLICT DO NOTHING should apply INSERT CHECK and SELECT USING
--- policy clauses (to new value, whether it conflicts or not)
+-- INSERT ... ON CONFLICT DO NOTHING with an arbiter clause should apply
+-- INSERT CHECK and SELECT USING policy clauses (to new value, whether it
+-- conflicts or not)
 INSERT INTO rls_test_tgt VALUES (1, 'tgt a') ON CONFLICT (a) DO NOTHING;
 NOTICE:  INSERT CHECK on rls_test_tgt.(1,"tgt a","TGT A")
 NOTICE:  SELECT USING on rls_test_tgt.(1,"tgt a","TGT A")
diff --git a/src/test/regress/sql/rowsecurity.sql b/src/test/regress/sql/rowsecurity.sql
index 5d923c5ca3b..fb6502d497f 100644
--- a/src/test/regress/sql/rowsecurity.sql
+++ b/src/test/regress/sql/rowsecurity.sql
@@ -121,8 +121,9 @@ BEGIN; DELETE FROM rls_test_tgt; ROLLBACK;
 BEGIN; DELETE FROM rls_test_tgt WHERE a = 1; ROLLBACK;
 DELETE FROM rls_test_tgt RETURNING *;
 
--- INSERT ... ON CONFLICT DO NOTHING should apply INSERT CHECK and SELECT USING
--- policy clauses (to new value, whether it conflicts or not)
+-- INSERT ... ON CONFLICT DO NOTHING with an arbiter clause should apply
+-- INSERT CHECK and SELECT USING policy clauses (to new value, whether it
+-- conflicts or not)
 INSERT INTO rls_test_tgt VALUES (1, 'tgt a') ON CONFLICT (a) DO NOTHING;
 INSERT INTO rls_test_tgt VALUES (1, 'tgt b') ON CONFLICT (a) DO NOTHING;
 
-- 
2.47.3