Any brief explanation of user management?
azazel75 opened this issue · comments
Hello guys and thanks for DataLens, it's amazing. I'm in the process of doing an internal installation of DataLens just to let more people of my company get a taste of it and I was looking if there is a way to have at least two separate user roles, the "Editor" that can modify stuff and the "Viewer" that only can look at the dashboards, nothing fancy but just sufficient so that the generic viewer doesn't risk to accidentally ruin the work of the editor because it has clicked the wrong button.
I did some search in the code and it seems that there's some support for user roles and looking into the dl_core package it seems that there's a us_manager middleware that expects an user_id to be injected into the request, Am I right? What isn't yet clear to me is how to to map user ids to roles, but I must confess I've still to look into the database schema.
In the meantime, can I ask you some pointers to code to read or any doc already produced on the subject (even in russian) and/or a brief explanation of how the user management works?
Thank you again for your work!
I just tried to translate the transcript of a Russian video on DataLens' authentication and dicovered the examples repository, I'll try to customize that example to my needs
Hey @azazel75!
Thank you for you interest in DataLens.
Unfortunately, DataLens doesn't support authentication/ACL out of the box at the moment.
The primary points of extension on the backend side are these auth middlewares, which represent their "Trust" versions of what you want to achieve, they basically mean "no auth":
- for control-api
- for data-api
You can subscribe to these issues to stay up to date: