diff --git a/caravel/assets/images/create_role.png b/caravel/assets/images/create_role.png new file mode 100644 index 000000000000..0914a5829bc3 Binary files /dev/null and b/caravel/assets/images/create_role.png differ diff --git a/docs/index.rst b/docs/index.rst index 44061c60705c..044548c17a92 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -32,6 +32,7 @@ Contents installation tutorial + security videos gallery druid diff --git a/docs/security.rst b/docs/security.rst new file mode 100644 index 000000000000..0dfc73626fce --- /dev/null +++ b/docs/security.rst @@ -0,0 +1,70 @@ +Security +======== +Security in Caravel is handled by Flask AppBuilder (FAB). FAB is a +"Simple and rapid application development framework, built on top of Flask.". +FAB provides authentication, user management, permissions and roles. + + +Provided Roles +-------------- +Caravel ships with 3 roles that are handled by Caravel itself. You can +assume that these 3 roles will stay up-to-date as Caravel evolves. + +Admin +""""" +Admins have all rights, including granting or revoking rights from other +users and altering other people's slices and dashboards. + +Alpha +""""" +Alpha have access to all data sources, but they cannot grant or revoke access +from other users. They are also limited to altering the objects that they +own. Alpha users can add and alter data sources. + +Gamma +""""" +Gamma have limited access. They can only consume data coming from data sources +they have been giving access to through another complementary role. +They only have access to view the slices and +dashboards made from data sources that they have access to. Currently Gamma +users are not able to alter or add data sources. We assume that they are +mostly content consumers, though they can create slices and dashboards. + +Also note that when Gamma users look at the dashboards and slices list view, +they will only see the objects that they have access to. + + +Managing Gamma per data source access +------------------------------------- +Here's how to provide users access to only specific datasets. First make +sure the users with limited access have [only] the Gamma role assigned to +them. Second, create a new role (``Menu -> Security -> List Roles``) and +click the ``+`` sign. + +.. image:: _static/img/create_role.png + :scale: 50 % + +This new window allows you to give this new role a name, attribute it to users +and select the tables in the ``Permissions`` dropdown. To select the data +sources you want to associate with this role, simply click in the dropdown +and use the typeahead to search for your table names. + +You can then confirm with your Gamma users that they see the objects +(dashboards and slices) associated with the tables related to their roles. + + +Customizing +----------- + +The permissions exposed by FAB are very granular and allow for a great level +of customization. FAB creates many permissions automagically for each model +that is create (can_add, can_delete, can_show, can_edit, ...) as well as for +each view. On top of that, Caravel can expose more granular permissions like +``all_datasource_access``. + +We do not recommend altering the 3 base roles as there +are a set of assumptions that Caravel build upon. It is possible though for +you to create your own roles, and union them to existing ones. + +The best way to go is probably to give user ``Gamma`` plus another role +that would add specific permissions needed by this type of users.