[GitHub] [superset] john-bodley commented on a diff in pull request #24350: fix: Address dashboard permission regression in #23586

via GitHub Sat, 10 Jun 2023 14:15:42 -0700


john-bodley commented on code in PR #24350:
URL: https://github.com/apache/superset/pull/24350#discussion_r1225587171



##########
superset/views/core.py:
##########
@@ -1641,76 +1639,57 @@ def favstar(  # pylint: disable=no-self-use
     @has_access
     @expose("/dashboard/<dashboard_id_or_slug>/")
     @event_logger.log_this_with_extra_payload
-    @check_dashboard_access(
-        on_error=lambda msg: redirect_with_flash(DASHBOARD_LIST_URL, msg, 
"danger")
-    )
     def dashboard(
         self,
-        dashboard_id_or_slug: str,  # pylint: disable=unused-argument
+        dashboard_id_or_slug: str,
         add_extra_log_payload: Callable[..., None] = lambda **kwargs: None,
-        dashboard: Dashboard | None = None,
     ) -> FlaskResponse:
         """
-        Server side rendering for a dashboard
-        :param dashboard_id_or_slug: identifier for dashboard. used in the 
decorators
+        Server side rendering for a dashboard.
+
+        :param dashboard_id_or_slug: identifier for dashboard
         :param add_extra_log_payload: added by `log_this_with_manual_updates`, 
set a
             default value to appease pylint
-        :param dashboard: added by `check_dashboard_access`
         """
+
+        dashboard = Dashboard.get(dashboard_id_or_slug)

Review Comment:
   This is concerning that this is different than the 
[DashboardDAO.get_by_id_or_slug](https://github.com/apache/superset/blob/0e3f1f638c06de11668c37329ca7141fd1159293/superset/dashboards/dao.py#L45-L68)
 and that the DAO logic differs (from a filter perspective) whether you pass in 
a UUID versus a slug/ID.
   
   Personally the UUID logic is just adding more complexity to an already 
partially intractable problem in terms of understanding (and thus enforcing) 
the security model. Adhering to the [KISS 
principle](https://en.wikipedia.org/wiki/KISS_principle) in terms of the 
security model will actually make the service more  secure as it'll be easier 
to grok and enforce.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org
For additional commands, e-mail: notifications-h...@superset.apache.org

[GitHub] [superset] john-bodley commented on a diff in pull request #24350: fix: Address dashboard permission regression in #23586

Reply via email to