# advice-data-governance
b
Hey Datahub folks. So my team has a requirement that users should not be allowed to list the entities that they don't have access to. From my understanding with Datahub, you can browse and search all entities even if you don't have permission to view their entity page. However, you will get an access denied if you try to view an entity that you don't have access to. We're looking to make this change in the Datahub code, but we'd rather not have to maintain a fork (especially for a larger change like this). Therefore, we wanted to reach out and get some thoughts from you all about this to see if we could instead make a contribution. Is there a reason that anyone can list the entities they don't have access to? It seems like it may be a security issue. Is this something that Datahub would implement in the future, or are already planning on implementing in the future? Is there a suggested implementation strategy for this type of change? If we're going to contribute, how can we do this without breaking existing functionality for users? Some type of flag? @orange-night-91387 @adventurous-rainbow-22453
m
you can probably manage that with Domain.
b
Could you explain how that would work?
m
you can assign entities to a Domain, then you can manage ACL through Domain & Group i.e. a group can edit/view entities for a domain. Something like this
b
Domains wouldn't hide listings in browsing mode, though. Maybe saved views could hide entities in search. But it's definitely not foolproof
b
Ryan mentioned that others have requested this feature so I'll wait for a response from the other Datahub devs.