MM-Lehmann commented on issue #18634: URL: https://github.com/apache/superset/issues/18634#issuecomment-1249075630
> The error is in > > [superset/security/manager.py](https://github.com/apache/superset/blob/master/superset/security/manager.py#L1926) > > in the **has_rbac_access** function > > ``` > def has_rbac_access() -> bool: > return (not is_feature_enabled("DASHBOARD_RBAC")) or any( > dashboard_role.id > in [user_role.id for user_role in self.get_user_roles()] > for dashboard_role in dashboard.roles > ) > ``` > > Delete the "not" and everything works as expected. Sorry, first post here, have to read up on how to officially post such things. Sorry @benjamin-mueller, that doesn't make sense. Your solution would completely bypass any role management introduced with the feature flag and grant all access, only because the FF is enabled. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For additional commands, e-mail: notifications-h...@superset.apache.org
