Adding the superset rls setup sql

Author: jarodaerts

docker/pythonpath_dev/superset_config.py

@@ -103,7 +103,14 @@ class CeleryConfig:
     "supports_credentials": True,
     "allow_headers": ["*"],
     "resources": ["*"],
-    "origins": ["http://northwestern.localhost:3000"]
+    "origins": ["http://northwestern.localhost:3000", "*"]
+}
+
+GUEST_ROLE_NAME= 'embed_role'
+GUEST_TOKEN_JWT_EXP_SECONDS = 3600  # 1 hour
+X_FRAME_OPTIONS = 'ALLOWALL'
+CONTENT_SECURITY_POLICY = {
+    'frame-ancestors': ["'self'", '*']
 }
 
 FEATURE_FLAGS = {"ALERT_REPORTS": True, "EMBEDDED_SUPERSET": True}

scripts/dropback-server/enable-rls.sql

@@ -0,0 +1,28 @@
+-- Enable Row Level Security for all tables in the public schema
+DO $$
+DECLARE
+    table_record RECORD;
+BEGIN
+    FOR table_record IN 
+        SELECT tablename 
+        FROM pg_tables 
+        WHERE schemaname = 'public'
+    LOOP
+        BEGIN
+            EXECUTE format('ALTER TABLE %I ENABLE ROW LEVEL SECURITY', table_record.tablename);
+            
+            -- Create a basic policy that allows access to authenticated users
+            EXECUTE format('
+                CREATE POLICY "allow_authenticated_users" ON %I
+                FOR ALL
+                TO authenticated
+                USING (true)
+                WITH CHECK (true)
+            ', table_record.tablename);
+        EXCEPTION
+            WHEN duplicate_object THEN
+                -- Policy already exists, skip
+                NULL;
+        END;
+    END LOOP;
+END $$;