dosubot[bot] commented on issue #29523:
URL: https://github.com/apache/superset/issues/29523#issuecomment-2217256350
<!-- Answer -->
To ensure that the role becomes a mandatory field in Superset and cannot be
left empty when editing a user profile, you need to add validation logic to
check if the roles field is populated. This can be done by modifying the
`validate` function to include a check for the roles field.
Here is the updated `validate` function:
```tsx
const validate = () => {
if (
currentRule?.name &&
currentRule?.clause &&
currentRule.tables?.length &&
currentRule.roles?.length
) {
setDisableSave(false);
} else {
setDisableSave(true);
}
};
```
This ensures that the `disableSave` state is set to `true` if the roles
field is empty, making the save button disabled until the roles field is
populated
<sup>[[1]](https://github.com/apache/superset/blob/master/superset-frontend/src/features/rls/RowLevelSecurityModal.tsx)</sup>.
Additionally, you can customize the user model to enforce that the role
field is mandatory by modifying the `UserModelView` to include a validation
that ensures the role field is not empty. This can be done by overriding the
`UserModelView` and adding a custom form with the required validation.
Here is an example:
```python
from flask_appbuilder import ModelView
from flask_appbuilder.forms import DynamicForm
from wtforms import validators, SelectMultipleField
from superset import app, db
from superset.security.manager import SupersetSecurityManager
class CustomUserForm(DynamicForm):
roles = SelectMultipleField(
'Roles',
validators=[validators.DataRequired(message="Role field is
mandatory")],
coerce=int
)
class CustomUserModelView(ModelView):
datamodel = db.Model
add_form = CustomUserForm
edit_form = CustomUserForm
class CustomSecurityManager(SupersetSecurityManager):
usermodelview = CustomUserModelView
appbuilder = app.appbuilder
appbuilder.security_manager_class = CustomSecurityManager
appbuilder.init_app(app, db.session)
```
In this example:
- `CustomUserForm` is defined with a `roles` field that uses
`validators.DataRequired` to enforce that the field is mandatory.
- `CustomUserModelView` is created to use this custom form.
- `CustomSecurityManager` is defined to use the `CustomUserModelView`.
- Finally, the `appbuilder` is configured to use the `CustomSecurityManager`.
This setup ensures that the role field is mandatory when creating or editing
a user in Superset
<sup>[[2]](https://github.com/apache/superset/blob/master/superset/security/manager.py)</sup><sup>[[3]](https://github.com/apache/superset/blob/master/docs/docs/configuration/configuring-superset.mdx)</sup>.
<!-- Dosu Comment Footer -->
*To continue talking to [Dosu](https://dosu.dev), mention @dosu.*
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
