Describe the bug
We are trying to do data access control through datahub. We are able to restrict users by creating policies and assigning a single user based on tag.
While trying to do so through postman I am able to get all the data of that particular dataset, which should have prompted 'Sorry, you are not authorized to access this page.'
To Reproduce
Steps to reproduce the behavior:
Create a policy from UI giving resource type as dataset and assigning a tag to it, which you might have linked to a particular dataset. At the last step of creating policy assign user too.
Create a new PAT and use that PAT(Auth type: Bearer Token) to make a call to datahub GMS.
After clicking on send button, I am able to see all the content inside that dataset
Expected behavior
Content of the dataset should be restricted and should give out an error
Additional context
Added the envs in datahub GMS
REST_API_AUTHORIZATION_ENABLED and
metadata_service_authentication in datahub's value.yml
Describe the bug We are trying to do data access control through datahub. We are able to restrict users by creating policies and assigning a single user based on tag. While trying to do so through postman I am able to get all the data of that particular dataset, which should have prompted 'Sorry, you are not authorized to access this page.'
To Reproduce Steps to reproduce the behavior:
Expected behavior Content of the dataset should be restricted and should give out an error
Additional context Added the envs in datahub GMS REST_API_AUTHORIZATION_ENABLED and metadata_service_authentication in datahub's value.yml