mistercrunch commented on a change in pull request #8699: [SIP-29] Add support
for row-level security
URL:
https://github.com/apache/incubator-superset/pull/8699#discussion_r365623904
##########
File path: superset/security/manager.py
##########
@@ -877,3 +878,34 @@ def assert_viz_permission(self, viz: "BaseViz") -> None:
"""
self.assert_datasource_permission(viz.datasource)
+
+ def get_rls_filters(self, table: "BaseDatasource"):
+ """
+ Retrieves the appropriate row level security filters for the current
user and the passed table.
+
+ :param table: The table to check against
+ :returns: A list of filters strings.
+ """
+ if (
+ hasattr(g, "user")
+ and hasattr(g.user, "roles")
+ and hasattr(table, "row_level_security")
+ ):
+ roles = [role.id for role in g.user.roles]
+ return [
+ f
+ for f in table.row_level_security_filters
Review comment:
Given that by default `sqlalchemy` lazy-loads relationships, this would emit
1+number_of_rls_in_table queries.
Let's write a single `sqlalchemy` query that returns the list of filters
with the proper `IN` clause
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
