Question: How to implement permissions for a multi tenant application? #686
Comments
|
The app isn't really designed for multi-tenancy and there isn't a simple way to do this. For example, you would have to filter querylogs, connections, etc. If you were only trying to display the results to particular users, that is (in theory) supported via the It's a bit clunky in that you would likely have to modify the code each time you needed a permission change. You can see more how it is implemented here: https://github.com/explorerhq/sql-explorer/blob/master/explorer/utils.py#L165 Let me know if that helps... |
|
I think I would really need to intercept the query itself before it gets executed, maybe I would hook into sql-explorer/explorer/models.py Line 96 in 910cb71 but there I cant get the request context, can I? |
This is a great tool and takes away the burden of creating tons of reports for individual clients but just letting them make their own reports. However, there is also my point. How am I supposed to manage the fact that one client should only see his data? Is there some hook where I could change the query?
Another way would be to provide the queries and disallow the edit, but then there one would need a way to inject the current user as immutable variable. If there is currently no way to inject the user as fixed variable and since it is open source, where would you add (allow) such a feature to be added?
The text was updated successfully, but these errors were encountered: