1 files changed, 14 insertions, 13 deletions

diff --git a/src/include/rewrite/rowsecurity.h b/src/include/rewrite/rowsecurity.h
index 245005cae2e..8b4d5c0918f 100644
--- a/src/include/rewrite/rowsecurity.h
+++ b/src/include/rewrite/rowsecurity.h
@@ -1,7 +1,9 @@
 /* -------------------------------------------------------------------------
  *
  * rowsecurity.h
- *    prototypes for optimizer/rowsecurity.c
+ *
+ *    prototypes for rewrite/rowsecurity.c and the structures for managing
+ *    the row security policies for relations in relcache.
  *
  * Portions Copyright (c) 1996-2012, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
@@ -11,20 +13,19 @@
 #ifndef ROWSECURITY_H
 #define ROWSECURITY_H
 
-#include "nodes/execnodes.h"
 #include "nodes/parsenodes.h"
-#include "nodes/relation.h"
 #include "utils/array.h"
+#include "utils/relcache.h"
 
 typedef struct RowSecurityPolicy
 {
-	Oid					rsecid;
-	char			   *policy_name;
-	char				cmd;
-	ArrayType		   *roles;
-	Expr			   *qual;
-	Expr			   *with_check_qual;
-	bool				hassublinks;
+	Oid					rsecid;			/* OID of the policy */
+	char			   *policy_name;	/* Name of the policy */
+	char				cmd;			/* Type of command policy is for */
+	ArrayType		   *roles;			/* Array of roles policy is for */
+	Expr			   *qual;			/* Expression to filter rows */
+	Expr			   *with_check_qual; /* Expression to limit rows allowed */
+	bool				hassublinks;	/* If expression has sublinks */
 } RowSecurityPolicy;
 
 typedef struct RowSecurityDesc
@@ -39,9 +40,9 @@ extern int row_security;
 /* Possible values for row_security GUC */
 typedef enum RowSecurityConfigType
 {
-	ROW_SECURITY_OFF,
-	ROW_SECURITY_ON,
-	ROW_SECURITY_FORCE
+	ROW_SECURITY_OFF,		/* RLS never applied- error thrown if no priv */
+	ROW_SECURITY_ON,		/* normal case, RLS applied for regular users */
+	ROW_SECURITY_FORCE		/* RLS applied for superusers and table owners */
 } RowSecurityConfigType;
 
 /*