[GitHub] [superset] villebro commented on a diff in pull request #22566: fix(sqllab): remove link to sqllab if missing perms

GitBox Tue, 03 Jan 2023 07:39:48 -0800


villebro commented on code in PR #22566:
URL: https://github.com/apache/superset/pull/22566#discussion_r1060704671



##########
superset/views/core.py:
##########
@@ -2777,6 +2777,13 @@ def _get_sqllab_tabs(user_id: Optional[int]) -> 
Dict[str, Any]:
     @expose("/sqllab/", methods=["GET", "POST"])
     def sqllab(self) -> FlaskResponse:
         """SQL Editor"""
+        if not (
+            security_manager.is_admin()
+            or "sql_lab" in (role.name for role in 
security_manager.get_user_roles())
+        ):
+            flash(__("You do not have access to SQL Lab"), "danger")
+            return redirect("/")

Review Comment:
   Good idea, I'll move it over 👍



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org
For additional commands, e-mail: notifications-h...@superset.apache.org

[GitHub] [superset] villebro commented on a diff in pull request #22566: fix(sqllab): remove link to sqllab if missing perms

Reply via email to