dosubot[bot] commented on issue #30927: URL: https://github.com/apache/superset/issues/30927#issuecomment-2478167607
<!-- Greeting --> Hey @casmoir! I'm here to help you with any issues or questions you have. I'm a bot designed to assist with bug resolution, answer queries, and guide you on how to contribute. Let's dive into solving the problem you've encountered! <!-- Answer --> The issue you're experiencing, where users without the appropriate permissions can see the "+ DASHBOARD" and "+ CHART" buttons, seems to be related to how Superset handles the visibility of UI elements based on user roles and permissions. In Superset, the visibility of UI components is typically controlled by checking user permissions before rendering them. However, it appears that the logic for these specific buttons might not be correctly implemented to hide them for users without the necessary permissions. This could be a bug in the permission-checking logic for these buttons. To address this, you might want to look into the code responsible for rendering these buttons and ensure that it includes proper permission checks. The functions `canUserEditDashboard` and `userHasPermission` are examples of how permissions are typically checked in Superset <sup>[[1]](https://github.com/apache/superset/blob/master/superset-frontend/src/dashboard/util/permissionUtils.ts)</sup>. These functions ensure that only users with the appropriate permissions can perform certain actions or see specific UI elements. If you're comfortable with code, you could investigate the relevant components in the Superset codebase to see if similar permission checks are missing for the "+ DASHBOARD" and "+ CHART" buttons. If not, this might be something to report as a bug to the maintainers for further investigation. <!-- Dosu Comment Footer --> *To continue talking to [Dosu](https://dosu.dev), mention @dosu.* -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
