This is an automated email from the ASF dual-hosted git repository.
dpgaspar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git
The following commit(s) were added to refs/heads/master by this push:
new d55240a [security] Fix, let admin's be able to reset user passwords
on AUTH_DB (#9232)
d55240a is described below
commit d55240a598803155bbef65d77056ee408c0c2664
Author: Daniel Vaz Gaspar <[email protected]>
AuthorDate: Tue Mar 3 18:57:23 2020 +0000
[security] Fix, let admin's be able to reset user passwords on AUTH_DB
(#9232)
* [security] Fix, let admin's be able to reset user passwords on AUTH_DB
* [security] Fix, use constants
---
superset/security/manager.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/superset/security/manager.py b/superset/security/manager.py
index 7a0bd5d..a9ed623 100644
--- a/superset/security/manager.py
+++ b/superset/security/manager.py
@@ -81,7 +81,11 @@ PermissionViewModelView.list_widget =
SupersetSecurityListWidget
PermissionModelView.list_widget = SupersetSecurityListWidget
# Limiting routes on FAB model views
-UserModelView.include_route_methods = RouteMethod.CRUD_SET | {"userinfo"}
+UserModelView.include_route_methods = RouteMethod.CRUD_SET | {
+ RouteMethod.ACTION,
+ RouteMethod.ACTION_POST,
+ "userinfo",
+}
RoleModelView.include_route_methods = RouteMethod.CRUD_SET
PermissionViewModelView.include_route_methods = {RouteMethod.LIST}
PermissionModelView.include_route_methods = {RouteMethod.LIST}
