Summary
New data sources are always added to the default group automatically.
This violates the principle of least privilege, as all users belong to the default group and immediately gain access to every new data source.
This issue was raised in #5015 and #5735, and a reviewer suggested controlling the behavior with an environment variable (#5735 review comment):
Let's control this with an environment variable so that the existing behaviour is still the default, but admins can modify it.
Proposal
Add a new environment variable REDASH_DATASOURCE_AUTO_ASSIGN_GROUP to control which group new data sources are assigned to.
| Value |
Behavior |
default |
Add to default group (current behavior) |
admin |
Add to admin group only |
none |
Do not add to any group |
The default value would be default to preserve backward compatibility.
Summary
New data sources are always added to the
defaultgroup automatically.This violates the principle of least privilege, as all users belong to the
defaultgroup and immediately gain access to every new data source.This issue was raised in #5015 and #5735, and a reviewer suggested controlling the behavior with an environment variable (#5735 review comment):
Proposal
Add a new environment variable
REDASH_DATASOURCE_AUTO_ASSIGN_GROUPto control which group new data sources are assigned to.defaultadminnoneThe default value would be
defaultto preserve backward compatibility.