goldjee commented on issue #27765: URL: https://github.com/apache/superset/issues/27765#issuecomment-2030523309
Yep, the whole permission system feels very clunky and too raw to manage. If a permission is necessary to be granted for a user to actually use the system, it should not be listed. Also, it's worth mentioning that there are 176 permissions assigned to vanilla Admin role with no proper documentation. If it's the whole set of permissions, I believe they should be grouped by functionality so superusers could easily acknowledge what is assigned to any given role. It could be visualized as a table, like so: | Functionality | Access | Modify | Delete | | ------------- | ------- | ------- | ------ | | Dashboard | [x] | [ ] | [ ] | I believe such a permission view could be a great relief to anyone who administers Superset or conducts security audit on the installation. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For additional commands, e-mail: notifications-h...@superset.apache.org
