mistercrunch commented on issue #8699: [SIP-29] Add support for row-level security URL: https://github.com/apache/incubator-superset/pull/8699#issuecomment-562904039 It's important to note that we'll be killing the old "table editor" eventually in favor of the React-based one that's accessible in the explore view. That means we'll have to implement the RLS UI there prior to deprecation. That brings the question: "where is the best place to manage RLS rules? should it be in the table editor? in the role editor? ...". One more comment about adding more semantics around clauses (the idea of the JSON blob there). To me it's not necessary for MVP, and I think the the forced logical `AND` is easy to express and reason about. I get how it'd be nice to have the logical OR on columns eventually, but asking for users to write JSON in a UI is not great, clearly a pattern we're moving away from. Maybe as we move to the new table editor we can design the UI that allows for that logical OR idea. Few more things, by default users shouldn't be able to modify RLS settings. For now the way to do that is to add the model view here: https://github.com/apache/incubator-superset/blob/master/superset/security.py#L100-L109 , I think that should do it. The last thing is using the template processor. I think that's easy to do, just a matter of passing the template processor to `_get_row_level_filters`.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
