diff --git a/postgresql/doc/src/sgml/ref/create_policy.sgml b/postgresql/doc/src/sgml/ref/create_policy.sgml
index 15f8dde6..4d560fdd 100644
--- a/postgresql/doc/src/sgml/ref/create_policy.sgml
+++ b/postgresql/doc/src/sgml/ref/create_policy.sgml
@@ -571,15 +571,7 @@ ____________________________________________________________________________-->
____________________________________________________________________________-->
- 为一条策略使用UPDATE表示它适用于
- UPDATE、SELECT FOR UPDATE和SELECT FOR SHARE命令,还有INSERT命令的辅助性的ON CONFLICT DO UPDATE子句。===Since UPDATE
- involves pulling an existing record and replacing it with a new
- modified record, UPDATE
- policies accept both a USING expression and
- a WITH CHECK expression.。USING
- 表达式决定UPDATE命令将能看到哪些要对其操作
- 的记录,而WITH CHECK表达式定义哪些被修改的
- 行被允许存回到关系中。
+ 对策略使用UPDATE 意味着它将应用于UPDATE、SELECT FOR UPDATE和SELECT FOR SHARE 命令,还有INSERT 命令的辅助性的ON CONFLICT DO UPDATE 子句。由于UPDATE 需要提取现有的记录并且用新修改的记录代替,故UPDATE 策略接受USING 表达式和WITH CHECK 表达式。USING 表达式决定UPDATE 命令将能看到哪些要对其操作的记录,而WITH CHECK 表达式定义哪些被修改的行允许存回到关系中。
____________________________________________________________________________-->
- ===Typically an UPDATE command also needs to read
- data from columns in the relation being updated (e.g., in a
- WHERE clause or a RETURNING
- clause, or in an expression on the right hand side of the
- SET clause). In this case,
- SELECT rights are also required on the relation
- being updated, and the appropriate SELECT or
- ALL policies will be applied in addition to
- the UPDATE policies. Thus the user must have
- access to the row(s) being updated through a SELECT
- or ALL policy in addition to being granted
- permission to update the row(s) via an UPDATE
- or ALL policy.
+ 典型地,UPDATE命令也需要从待更新关系中的列读数据(例如在WHERE子句、RETURNING子句或在SET子句右侧的表达式中)。这种情况下,正被更新的关系上也需要SELECT权限,并且除了UPDATE策略外,也要应用适当的SELECT或者ALL策略。这样,除由UPDATE或ALL策略授权更新行之外,通过SELECT或ALL策略用也必须能访问正被更新的行。
____________________________________________________________________________-->
- ===When an INSERT command has an auxiliary
- ON CONFLICT DO UPDATE clause, if the
- UPDATE path is taken, the row to be updated is
- first checked against the USING expressions of
- any UPDATE policies, and then the new updated row
- is checked against the WITH CHECK expressions.
- Note, however, that unlike a standalone UPDATE
- command, if the existing row does not pass the
- USING expressions, an error will be thrown (the
- UPDATE path will never be silently
- avoided).
+ 当INSERT命令附加了ON CONFLICT DO UPDATE子句时,如果采用UPDATE路径,先以任何UPDATE策略的USING表达式检查待更新的行,然后以WITH CHECK表达式检查新修改的行。但要注意的是,不同于单独的UPDATE命令,如果现有的行不能通过USING表达式检查,则抛出错误(UPDATE路径永不会静默地避免)。
@@ -704,18 +674,7 @@ ____________________________________________________________________________-->
____________________________________________________________________________-->
- ===In most cases a DELETE command also needs to read
- data from columns in the relation that it is deleting from (e.g.,
- in a WHERE clause or a
- RETURNING clause). In this case,
- SELECT rights are also required on the relation,
- and the appropriate SELECT or
- ALL policies will be applied in addition to
- the DELETE policies. Thus the user must have
- access to the row(s) being deleted through a SELECT
- or ALL policy in addition to being granted
- permission to delete the row(s) via a DELETE or
- ALL policy.
+ 大多数情况下,DELETE命令也需要从其所删除的关系中的列读取数据(例如在WHERE子句或RETURNING子句中)。这种情况下,在该关系上也需要SELECT权限,并且除了DELETE策略,也要应用适当的SELECT或ALL策略。这样,除由DELETE或ALL策略授权删除行之外,通过SELECT或ALL策略,用户也必须能访问正被删除的行。
-
===Policies Applied by Command Type
+ 按命令类型应用的策略
@@ -756,11 +715,11 @@ ____________________________________________________________________________-->
____________________________________________________________________________-->
- Command
- SELECT/ALL policy
- INSERT/ALL policy
- UPDATE/ALL policy
- DELETE/ALL policy
+ 命令
+ SELECT/ALL策略
+ INSERT/ALL策略
+ UPDATE/ALL策略
+ DELETE/ALL策略
____________________________________________________________________________-->
- USING expression
- WITH CHECK expression
- USING expression
- WITH CHECK expression
- USING expression
+ USING表达式
+ WITH CHECK表达式
+ USING表达式
+ WITH CHECK表达式
+ USING表达式
@@ -792,7 +751,7 @@ ____________________________________________________________________________-->
____________________________________________________________________________-->
SELECT
- Existing row
+ 现有行
—
—
—
@@ -810,9 +769,9 @@ ____________________________________________________________________________-->
____________________________________________________________________________-->
SELECT FOR UPDATE/SHARE
- Existing row
+ 现有行
—
- Existing row
+ 现有行
—
—
@@ -829,7 +788,7 @@ ____________________________________________________________________________-->
INSERT
—
- New row
+ 新行
—
—
—
@@ -855,15 +814,13 @@ ____________________________________________________________________________-->
INSERT ... RETURNING
- ===New row
+ 新行
- ===If read access is required to the existing or new row (for example,
- a WHERE or RETURNING clause
- that refers to columns from the relation).
+ 对于现有行或新行,如果需要读访问的话(例如涉及到关系内列的WHERE或RETURNING子句)。
- New row
+ 新行
—
—
—
@@ -883,11 +840,11 @@ ____________________________________________________________________________-->
UPDATE
- ===Existing & new rows
+ 现有 & 新行
—
- Existing row
- New row
+ 现有行
+ 新行
—
DELETE
- ===Existing row
+ 现有行
—
—
—
- Existing row
+ 现有行
____________________________________________________________________________-->
ON CONFLICT DO UPDATE
- ===Existing & new rows
+ 现有 & 新行
—
- Existing row
- New row
+ 现有行
+ 新行
—
@@ -940,7 +897,7 @@ ____________________________________________________________________________-->
- ===Application of Multiple Policies
+ 多重策略的应用
____________________________________________________________________________-->
- ===When multiple policies of different command types apply to the same command
- (for example, SELECT and UPDATE
- policies applied to an UPDATE command), then the user
- must have both types of permissions (for example, permission to select rows
- from the relation as well as permission to update them). Thus the
- expressions for one type of policy are combined with the expressions for
- the other type of policy using the AND operator.
+ 当多种不同命令类型的策略应用于相同命令(例如SELECT和UPDATE策略应用于UPDATE命令)时,用户就必须同时具有这两种类型的权限(例如从关系中选取行和更新的权限)。这样一种策略类型的表达式就与另一种策略类型的表达式通过使用AND操作符组合在一起。
____________________________________________________________________________-->
- ===When multiple policies of the same command type apply to the same command,
- then there must be at least one PERMISSIVE policy
- granting access to the relation, and all of the
- RESTRICTIVE policies must pass. Thus all the
- PERMISSIVE policy expressions are combined using
- OR, all the RESTRICTIVE policy
- expressions are combined using AND, and the results are
- combined using AND. If there are no
- PERMISSIVE policies, then access is denied.
+ 当相同命令类型的多种策略应用于同一命令时,则必须至少有一个PERMISSIVE策略授权对该关系的访问,所有的RESTRICTIVE策略必须通过。这样,所有的PERMISSIVE策略表达式都用OR来组合,所有的RESTRICTIVE策略表达式都用AND来组合,而结果用AND来组合。如果没有PERMISSIVE策略,则拒绝访问。
____________________________________________________________________________-->
- ===Note that, for the purposes of combining multiple policies,
- ALL policies are treated as having the same type as
- whichever other type of policy is being applied.
+ 要注意的是,出于组合多种策略的目的,将ALL策略视为与所应用的任何其他类型的策略具有相同的类型。
- ===For example, in an UPDATE command requiring both
- SELECT and UPDATE permissions, if
- there are multiple applicable policies of each type, they will be combined
- as follows:
+ 例如,在UPDATE命令中,SELECT和UPDATE两种权限都需要,如果每种类型都有多个适用的策略,则将之以下面的方式组合:
expression from RESTRICTIVE SELECT/ALL policy 1