betodealmeida commented on code in PR #33614:
URL: https://github.com/apache/superset/pull/33614#discussion_r2113952800
##########
docs/docs/configuration/sql-templating.mdx:
##########
@@ -250,6 +250,21 @@ Will be rendered as:
SELECT * FROM users WHERE role IN ('admin', 'viewer')
```
+**Current User RLS Rules**
+
+The `{{ current_user_rls_rules() }}` macro returns an array of RLS rules
applied to the current dataset for the logged in user.
+
+If you have caching enabled in your Superset configuration, then by default
the list of RLS Rules will be used
+by Superset when calculating the cache key. A cache key is a unique identifier
that determines if there's a
+cache hit in the future and Superset can retrieve cached data.
+
+You can disable the inclusion of the roles value in the calculation of the
+cache key by adding the following parameter to your Jinja code:
+
+```python
+{{ current_user_rls_rules(add_to_cache_keys=False) }}
Review Comment:
Why would we want to do this? Would it allow users to see cached RLS roles
that don't belong to them? — that could be a security issue.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
