Row-level security can lead to very complex configurations for a variety of reasons. For instance:
- An UPDATE policy can specify both the rows on which we act and what changes can be accepted
- UPDATE and DELETE policies in some cases require visibility as granted by an appropriate SELECT policy
- UPDATE policies are also applied to INSERT ... ON CONFLICT DO UPDATE
We recommend reading the fine details at the following URL:
https://www.postgresql.org/docs/current/static/ddl-rowsecurity.html