How to use row level security in Superset UI

Question

I am using the newest version of superset and it has the row-level security option in the UI. Can anyone help me and let me know or give a little walk through that how can I implement it in the UI and use it. There is hardly much documentation there.

Answer 1

Row level security essentially works like a WHERE clause. Let's assume that we build a dashboard using table called tbl_org that look likes:

manager_name    department  agent
Jim             Sales       Agent 1
Jim             Sales       Agent 2
Jack            HR          Agent 3
Jack            HR          Agent 4

Say, we need to show Jim only the rows/records where he is a manager on the dashboard when he logs in. The same for Jack. This is when RLS is useful.

The Superset UI provides three fields that need to be filled.

1. Table: The table on which we want to apply RLS. In this case would be tbl_org
2. Roles: The role or roles to which you want this rule to apply to. Let's say we use the Gamma role.
3. Clause: The SQL condition. The condition provided here gets applied to the where clause when the query is executed to fetch data for the dashboard. So for example, if you use the condition manager_name = Jim this will result in the query: SELECT * from tbl_org where manager_name = Jim

If you want dynamically filter the table based on the user who logs in you can use a jinja template:

manager_name = '{{current_username()}}'

For this, the usernames created in Superset need to match the manager_name column in tbl_org