mistercrunch commented on a change in pull request #8699: [SIP-29] Add support
for row-level security
URL:
https://github.com/apache/incubator-superset/pull/8699#discussion_r353563534
##########
File path: superset/connectors/sqla/models.py
##########
@@ -977,6 +977,17 @@ def _get_top_groups(
return or_(*groups)
def query(self, query_obj: Dict) -> QueryResult:
+ filters = security_manager.get_row_level_security_filters(
Review comment:
Also wondering if this logic should be in `get_sqla_query` instead
(unclear). One thing that would be neat would be to enable templating in the
text, and if this was done in `get_sqla_query` you'd have a handle on
`template_processor.process_template` in that context.
Eventually it'd be great to be able to base row level rules on user
attribute as in `WHERE sales_team_id = {{ current_user.extras.sales_team_id
}}`, (note that `extras` doesn't really exist yet) instead of having to create
entries for each sales team. You could even imagine things like `WHERE country
IN {{ call_external_service.list_access_to_countries(current_user.id) }}`
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
