u35253 commented on issue #31938:
URL: https://github.com/apache/superset/issues/31938#issuecomment-2635204648
# DASHBOARD_RBAC may not work for datasets included via `dataset()` Jinja
template macro
If anyone works on this one, I kindly request please making sure that the
case is tested too in which the dataset needed by the dashboard contains a
Jinja snippet that includes another dataset as a subquery using the `dataset
macro` (e.g., `SELECT * FROM {{ dataset(42) }}`) [0].
- To be clear, this Jinja dataset inclusion is a feature separate from
DASHBOARD_RBAC that works fine to nest/generate queries.
- The point of this comment is that it is important to make sure that
DASHBOARD_RBAC does let the users access that Jinja-based-nested-subquery
dataset as well.
The reason for this comment comment is that, while Jinja nested datasets
work, I have recently had to specifically grant dataset access to a Role
getting denied dataset that was the nested/Jinja-included dataset used within
the dataset of a chart, even though `DASHBOARD_RBAC` was enabled and was
anticipated to have allowed access already, according to the docs, since
"Granting a role access to a dashboard will bypass dataset level checks."
I'm not 100% sure if it's the same issue bug tracked in this Issue, but it
seems like it could be, so I point it out in case there is something there, to
be included in testing/bugfixing, please.
Thank you for the great Superset dashboarding software.
[0] https://superset.apache.org/docs/configuration/sql-templating/
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
