feat(rls): enable row level security by default (#13772)

apache · Mar 26, 2021 · 5ae91e2 · 5ae91e2
1 parent 3cfeb43
commit 5ae91e2
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 2 deletions.
diff --git a/UPDATING.md b/UPDATING.md
@@ -23,6 +23,8 @@ This file documents any backwards-incompatible changes in Superset and
 assists people when migrating to a new version.
 
 ## Next
+- [13772](https://github.com/apache/superset/pull/13772): Row level security (RLS) is now enabled by default. To activate the feature, please run `superset init` to expose the RLS menus to Admin users.
+
 ### Breaking Changes
 ### Potential Downtime
 ### Deprecations

diff --git a/superset/config.py b/superset/config.py
@@ -349,7 +349,7 @@ def _try_json_readsha(  # pylint: disable=unused-argument
     # by that custom datasource access. So we are assuming a default security config,
     # a custom security config could potentially give access to setting filters on
     # tables that users do not have access to.
-    "ROW_LEVEL_SECURITY": False,
+    "ROW_LEVEL_SECURITY": True,
     # Enables Alerts and reports new implementation
     "ALERT_REPORTS": False,
     # Enable experimental feature to search for other dashboards

diff --git a/tests/superset_test_config.py b/tests/superset_test_config.py
@@ -56,7 +56,6 @@
     "SHARE_QUERIES_VIA_KV_STORE": True,
     "ENABLE_TEMPLATE_PROCESSING": True,
     "ENABLE_REACT_CRUD_VIEWS": os.environ.get("ENABLE_REACT_CRUD_VIEWS", False),
-    "ROW_LEVEL_SECURITY": True,
     "ALERT_REPORTS": True,
     "DASHBOARD_NATIVE_FILTERS": True,
 }