Apache Superset employs Flask AppBuilder (FAB) for role-based access control (RBAC). FAB provides a flexible and customizable system to manage user roles, permissions, and views. In Superset, predefined roles like Admin, Alpha, Gamma, and SQL Lab are available, each with specific privileges. Custom roles can also be created by administrators.
Role assignment is done during user creation or modification. Permissions are associated with roles, which in turn grant users access to specific views and actions. Views represent UI components, while actions include read, write, delete, etc. Permission-View associations define the level of access granted to a role.
Administrators can create custom roles by selecting desired permission-view combinations, tailoring access levels to organizational needs. This ensures that users only have access to relevant data and functionalities based on their assigned roles.
