[GitHub] [superset] dpgaspar commented on issue #16557: [SIP-72] dataset RBAC

[GitBox <gi...@apache.org>]

dpgaspar commented on issue #16557:
URL: https://github.com/apache/superset/issues/16557#issuecomment-916808470


   @shawnzhu the UI improvement sounds good to me, seems very useful and has low impact on the current RBAC system.
   
   > when reading the doc Customizing Permissions, I realized it only create ONE permission (i.e., datasource_access) for each data source, which means if it assign the permission datasource access to [db].[dataset_name](id:x) to a role, any user within this role could edit/view this dataset, so I understand it could treat individual data objects just like other view/model where it can associate permissions (or the new term operation) like can_read, can_write and/or can_delete.
   
   yes, but do note this is not how it works now, it's treated has datasource access only
   
   I think @amitmiran137 goal is something we should discuss and get to a general consensus, would be great to sync and get to a final technical solution for Superset 2.0 where we can safely break backward compatibility. Currently I vote for the desired workflow with the existing single permission behind a feature flag.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org