You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@superset.apache.org by Ke Zhu <kz...@us.ibm.com> on 2021/09/21 20:25:21 UTC

[SIP-72] Dataset RBAC

I opened SIP-72 here: https://github.com/apache/superset/issues/16557

@junlincc suggested opening a thread to drive more discussion.

Summary (from @nytai):
improve this UI/workflow by adding this control directly on the dataset edit modal instead of in the edit roles menu. This would also allow dataset owners to grant access instead of having to ask someone with edit roles access to grant access.

I've started to familiar with the codebase on both frontend and backend. So far, my design is splitted into 3 parts:

1. new feature fag `DATASET_RBAC`
2. new option on the edit dataset modal to select roles
3. update dataset permission to roles in the API /v1/datasource/save

Questions I want to get clarification:
1. in step 3, I found the API /v1/dataset but it's not used for edit dataset which is done by POST /v1/datasource/save. is this expected or kind of legacy path?
2. there is difference design idea about making a general access control instead of adding feature flag on existing one permission per dataset.
3. terms around dataset/datasource/sqltable in backend codebase. I do want some guidance