Agreed on both points. I left a similar comment on the thread. If the author can address these concerns somehow, we can potentially move it forward, but I’m happy that we’re moving forward with the SIP process now, whether it’s denied or ratified.
Thanks, -e- On Jul 30, 2025 at 11:12 AM -0700, Joe Li <[email protected]>, wrote: > -1 since security is an afterthought from this comment. > > "• How do we address security implications, e.g. row level security, PII > leakage, etc. > -- For now, we are not considering this, since once customers within > query_lab role, they should be able to access the query results or shared > results." > > Also with this point here: > "How do we deal with things like the data changing since the query was run > (i.e. cache invalidation) > -- For this case, we can bring up some notification on UI about this result > is retrieved at what date and time, customers can choose to rerun the > query." > > if the user with the link has to rerun the query, it's the same as just > sharing the saved query which has security built in. > > On Wed, Jul 30, 2025 at 9:27 AM Evan Rusackas <[email protected]> wrote: > > > Does anyone have strong feelings about this? If so, please reply on the > > GitHub thread. I'm willing to put it up for a vote if people are interested. > > > > Thanks, > > > > -e- > > > > On 2024/11/21 00:34:31 "Ma, Wenjin" wrote: > > > Hi community, > > > > > > I'm starting a discussion thread on SIP-146, "Save SQL lab query result > > and create sharable link". This is a modification on both UI and backend to > > allow customers to save query results along with saved query and auto-fetch > > query result when the saved query sharable link is open from browser. > > > > > > You can find it here: > > > > > > https://github.com/apache/superset/issues/30256 > > > > > > Thank you, > > > Wenjin > > > > >
