This is an automated email from the ASF dual-hosted git repository.
maximebeauchemin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git
The following commit(s) were added to refs/heads/master by this push:
new a0479d5 fix sql lab permission issue (#6194)
a0479d5 is described below
commit a0479d57b28b276ca3015395d607c4d6777067eb
Author: Junda Yang <[email protected]>
AuthorDate: Thu Oct 25 16:35:43 2018 -0700
fix sql lab permission issue (#6194)
---
superset/security.py | 17 ++++++++++-------
1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/superset/security.py b/superset/security.py
index c0f6f37..4b58cda 100644
--- a/superset/security.py
+++ b/superset/security.py
@@ -16,6 +16,14 @@ READ_ONLY_MODEL_VIEWS = {
'DruidClusterModelView',
}
+USER_MODEL_VIEWS = {
+ 'UserDBModelView',
+ 'UserLDAPModelView',
+ 'UserOAuthModelView',
+ 'UserOIDModelView',
+ 'UserRemoteUserModelView',
+}
+
GAMMA_READ_ONLY_MODEL_VIEWS = {
'SqlMetricInlineView',
'TableColumnInlineView',
@@ -34,12 +42,7 @@ ADMIN_ONLY_VIEW_MENUS = {
'ResetPasswordView',
'RoleModelView',
'Security',
- 'UserDBModelView',
- 'UserLDAPModelView',
- 'UserOAuthModelView',
- 'UserOIDModelView',
- 'UserRemoteUserModelView',
-}
+} | USER_MODEL_VIEWS
ALPHA_ONLY_VIEW_MENUS = {
'Upload a CSV',
@@ -374,7 +377,7 @@ class SupersetSecurityManager(SecurityManager):
'can_sql_json', 'can_csv', 'can_search_queries',
'can_sqllab_viz',
'can_sqllab',
} or
- (pvm.view_menu.name == 'UserDBModelView' and
+ (pvm.view_menu.name in USER_MODEL_VIEWS and
pvm.permission.name == 'can_list'))
def is_granter_pvm(self, pvm):
