amitmiran137 commented on issue #16557: URL: https://github.com/apache/superset/issues/16557#issuecomment-917571523
> @shawnzhu the UI improvement sounds good to me, seems very useful and has low impact on the current RBAC system. > > > when reading the doc Customizing Permissions, I realized it only create ONE permission (i.e., datasource_access) for each data source, which means if it assign the permission datasource access to [db].dataset_name to a role, any user within this role could edit/view this dataset, so I understand it could treat individual data objects just like other view/model where it can associate permissions (or the new term operation) like can_read, can_write and/or can_delete. > > yes, but do note this is not how it works now, it's treated has datasource access only > > I think @amitmiran137 goal is something we should discuss and get to a general consensus, would be great to sync and get to a final technical solution for Superset 2.0 where we can safely break backward compatibility. Currently I vote for the desired workflow with the existing single permission behind a feature flag. I disagree with postponing that final decision with the fact that **2.0** planning should start now. having another permission with another feature flag would just further complex us. what would be the point of this SIP if we know that soon enough we intend to break it -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
