From 1269cb356ec4d5a2fe794b614609d98a72689f2a Mon Sep 17 00:00:00 2001 From: Ville Brofeldt <33317356+villebro@users.noreply.github.com> Date: Fri, 26 Mar 2021 17:40:41 +0200 Subject: [PATCH] feat(rls): enable row level security by default (#13772) --- UPDATING.md | 2 ++ superset/config.py | 2 +- tests/superset_test_config.py | 1 - 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/UPDATING.md b/UPDATING.md index 3c276c3e4c3ac..f8f32f7a18678 100644 --- a/UPDATING.md +++ b/UPDATING.md @@ -23,6 +23,8 @@ This file documents any backwards-incompatible changes in Superset and assists people when migrating to a new version. ## Next +- [13772](https://github.com/apache/superset/pull/13772): Row level security (RLS) is now enabled by default. To activate the feature, please run `superset init` to expose the RLS menus to Admin users. + ### Breaking Changes ### Potential Downtime ### Deprecations diff --git a/superset/config.py b/superset/config.py index 5c1387cfc9fa9..0faf811bfa659 100644 --- a/superset/config.py +++ b/superset/config.py @@ -349,7 +349,7 @@ def _try_json_readsha( # pylint: disable=unused-argument # by that custom datasource access. So we are assuming a default security config, # a custom security config could potentially give access to setting filters on # tables that users do not have access to. - "ROW_LEVEL_SECURITY": False, + "ROW_LEVEL_SECURITY": True, # Enables Alerts and reports new implementation "ALERT_REPORTS": False, # Enable experimental feature to search for other dashboards diff --git a/tests/superset_test_config.py b/tests/superset_test_config.py index 0925ec11a285c..651ee35959020 100644 --- a/tests/superset_test_config.py +++ b/tests/superset_test_config.py @@ -56,7 +56,6 @@ "SHARE_QUERIES_VIA_KV_STORE": True, "ENABLE_TEMPLATE_PROCESSING": True, "ENABLE_REACT_CRUD_VIEWS": os.environ.get("ENABLE_REACT_CRUD_VIEWS", False), - "ROW_LEVEL_SECURITY": True, "ALERT_REPORTS": True, "DASHBOARD_NATIVE_FILTERS": True, }