PostgreSQL: Support force row level security (apache#2169)

Author: isaacparker0

src/ast/ddl.rs

@@ -192,6 +192,7 @@ pub enum AlterTableOperation {
     /// `DISABLE ROW LEVEL SECURITY`
     ///
     /// Note: this is a PostgreSQL-specific operation.
+    /// Please refer to [PostgreSQL documentation](https://www.postgresql.org/docs/current/sql-altertable.html)
     DisableRowLevelSecurity,
     /// `DISABLE RULE rewrite_rule_name`
     ///
@@ -318,7 +319,18 @@ pub enum AlterTableOperation {
     /// `ENABLE ROW LEVEL SECURITY`
     ///
     /// Note: this is a PostgreSQL-specific operation.
+    /// Please refer to [PostgreSQL documentation](https://www.postgresql.org/docs/current/sql-altertable.html)
     EnableRowLevelSecurity,
+    /// `FORCE ROW LEVEL SECURITY`
+    ///
+    /// Note: this is a PostgreSQL-specific operation.
+    /// Please refer to [PostgreSQL documentation](https://www.postgresql.org/docs/current/sql-altertable.html)
+    ForceRowLevelSecurity,
+    /// `NO FORCE ROW LEVEL SECURITY`
+    ///
+    /// Note: this is a PostgreSQL-specific operation.
+    /// Please refer to [PostgreSQL documentation](https://www.postgresql.org/docs/current/sql-altertable.html)
+    NoForceRowLevelSecurity,
     /// `ENABLE RULE rewrite_rule_name`
     ///
     /// Note: this is a PostgreSQL-specific operation.
@@ -876,6 +888,12 @@ impl fmt::Display for AlterTableOperation {
             AlterTableOperation::EnableRowLevelSecurity => {
                 write!(f, "ENABLE ROW LEVEL SECURITY")
             }
+            AlterTableOperation::ForceRowLevelSecurity => {
+                write!(f, "FORCE ROW LEVEL SECURITY")
+            }
+            AlterTableOperation::NoForceRowLevelSecurity => {
+                write!(f, "NO FORCE ROW LEVEL SECURITY")
+            }
             AlterTableOperation::EnableRule { name } => {
                 write!(f, "ENABLE RULE {name}")
             }

src/ast/spans.rs

@@ -1121,6 +1121,8 @@ impl Spanned for AlterTableOperation {
             AlterTableOperation::EnableReplicaRule { name } => name.span,
             AlterTableOperation::EnableReplicaTrigger { name } => name.span,
             AlterTableOperation::EnableRowLevelSecurity => Span::empty(),
+            AlterTableOperation::ForceRowLevelSecurity => Span::empty(),
+            AlterTableOperation::NoForceRowLevelSecurity => Span::empty(),
             AlterTableOperation::EnableRule { name } => name.span,
             AlterTableOperation::EnableTrigger { name } => name.span,
             AlterTableOperation::RenamePartitions {

src/parser/mod.rs

@@ -9825,6 +9825,21 @@ impl<'a> Parser<'a> {
                     self.peek_token(),
                 );
             }
+        } else if self.parse_keywords(&[
+            Keyword::FORCE,
+            Keyword::ROW,
+            Keyword::LEVEL,
+            Keyword::SECURITY,
+        ]) {
+            AlterTableOperation::ForceRowLevelSecurity
+        } else if self.parse_keywords(&[
+            Keyword::NO,
+            Keyword::FORCE,
+            Keyword::ROW,
+            Keyword::LEVEL,
+            Keyword::SECURITY,
+        ]) {
+            AlterTableOperation::NoForceRowLevelSecurity
         } else if self.parse_keywords(&[Keyword::CLEAR, Keyword::PROJECTION])
             && dialect_of!(self is ClickHouseDialect|GenericDialect)
         {

tests/sqlparser_postgres.rs

@@ -640,6 +640,8 @@ fn parse_alter_table_enable() {
     pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE REPLICA TRIGGER trigger_name");
     pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE REPLICA RULE rule_name");
     pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE ROW LEVEL SECURITY");
+    pg_and_generic().verified_stmt("ALTER TABLE tab FORCE ROW LEVEL SECURITY");
+    pg_and_generic().verified_stmt("ALTER TABLE tab NO FORCE ROW LEVEL SECURITY");
     pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE RULE rule_name");
     pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE TRIGGER ALL");
     pg_and_generic().verified_stmt("ALTER TABLE tab ENABLE TRIGGER USER");