mistercrunch commented on a change in pull request #8699: [SIP-29] Add support
for row-level security
URL:
https://github.com/apache/incubator-superset/pull/8699#discussion_r365622405
##########
File path: superset/security/manager.py
##########
@@ -877,3 +878,34 @@ def assert_viz_permission(self, viz: "BaseViz") -> None:
"""
self.assert_datasource_permission(viz.datasource)
+
+ def get_rls_filters(self, table: "BaseDatasource"):
+ """
+ Retrieves the appropriate row level security filters for the current
user and the passed table.
+
+ :param table: The table to check against
+ :returns: A list of filters strings.
+ """
+ if (
+ hasattr(g, "user")
+ and hasattr(g.user, "roles")
+ and hasattr(table, "row_level_security")
Review comment:
Trying to make sense of all 3 `hasattr` here. So `g.user` should be defined
if a user is logged in, and if defined, it seems like `user.roles` should
always be defined, unless I'm missing something.
Now I'm guess `row_level_security` has to do with `DruidDatasource`. Should
we just add a `row_level_security = []` as a class attribute there (or better,
on `BaseDatasource`) for consistency?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
