In a previous post, I explained authentication with a custom user store. This post looks at how to handle authorization to restrict access to different Superset dashboards. Superset is built on top of Flask AppBuilder (FAB), and security is handled by FAB, which provides authentication, user management, permissions and roles. The application ships with default roles, which are listed here.

Dashboards in Superset consist of one or more slices, all of which pull data from one data source. A data source can be thought of as a database table or view. Let's assume we want to provide access to one dashboard while restricting access to another. This is accomplished by adding the permissions necessary to access that dashboard to a particular role. If a dashboard needs to be accessible without logging in, we add the permissions to the Public role.

Superset ships with default dashboards, one of which is World's Bank Data. To provide access to just this dashboard, add the following permissions to the Public role (or any specific role, for that matter) and then add data source access to the World Bank data source.

Figure 1: Base permissions needed to view a superset dashboard

With these permissions in place, access to the required data source can be added, e.g. “datasource access on [main].wb_health_population”.
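Because the Public role is reachable without login, it is worth checking that it carries data source access only for the sources you meant to expose. The following is an added example, not code from the original post or from Superset: it assumes the role's permissions have been copied out as strings in the format quoted above, the function names are hypothetical, and the two blanket grants are Superset's all-data-source and all-database permissions written in that same format.

```python
import re

# Matches the permission text as the post writes it:
# "datasource access on [main].wb_health_population"
DATASOURCE_GRANT = re.compile(
    r"^datasource access on \[(?P<db>[^\]]+)\]\.(?P<table>\S+)$")

# Blanket grants (assumed display format): either one exposes every data source.
BLANKET_GRANTS = {
    "all datasource access on all_datasource_access",
    "all database access on all_database_access",
}

def audit_role(permissions, allowed_sources):
    """Sort a role's permission strings into four buckets.

    allowed    - data source grants on the allowlist
    unexpected - data source grants that are not on the allowlist
    blanket    - grants that cover every data source
    other      - everything else (base permissions, to review by hand)
    """
    report = {"allowed": [], "unexpected": [], "blanket": [], "other": []}
    for raw in permissions:
        perm = " ".join(raw.split())  # normalise whitespace from copy/paste
        if perm in BLANKET_GRANTS:
            report["blanket"].append(perm)
            continue
        m = DATASOURCE_GRANT.match(perm)
        if m is None:
            report["other"].append(perm)
            continue
        source = (m.group("db"), m.group("table"))
        key = "allowed" if source in allowed_sources else "unexpected"
        report[key].append("%s.%s" % source)
    return report

def is_least_privilege(report):
    """True when the role exposes nothing beyond the allowlisted sources."""
    return not report["unexpected"] and not report["blanket"]

# Constructed sample input; the last entry is a placeholder, not a real permission.
PUBLIC_ROLE = [
    "datasource access on [main].wb_health_population",
    "datasource access on  [main].birth_names",
    "all datasource access on all_datasource_access",
    "<base permission from Figure 1>",
]
ALLOWED = {("main", "wb_health_population")}

if __name__ == "__main__":
    result = audit_role(PUBLIC_ROLE, ALLOWED)
    print(result, "least privilege:", is_least_privilege(result))
```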

PS: This approach is based on Superset 0.28.1 and my own experimentation, as there is no official documentation on Superset or FAB regarding the specific granular permissions.
