GitHub user dosubot[bot] added a comment to the discussion: How could I reduce editing permissions?
<!-- Answer --> You're correct—there isn't a standalone 'can_edit' permission for dashboards. Dashboard editing in Superset is controlled by the combination of having the 'can_write' permission (sometimes shown as "can write panel") and being an owner of the dashboard. The 'can_edit' action is mapped to 'can_write' in the permission model, so all editing (including changing properties, layout, and owners) requires both ownership and 'can_write' rights. This is enforced in the backend, not just the UI, and there's no built-in way to allow editing only certain dashboard properties without broader edit permissions. For reference, see the permission mapping and ownership checks in the code: [MODEL_VIEW_RW_METHOD_PERMISSION_MAP](https://github.com/apache/superset/blob/050ccdcb3dd84f3ae6e301d61021e72474e754d7/superset/constants.py), [DashboardModelView permissions](https://github.com/apache/superset/blob/050ccdcb3dd84f3ae6e301d61021e72474e754d7/superset/views/dashboard/views.py), [ownership enforcement](https://github.com/apache/superset/blob/050ccdcb3dd84f3ae6e301d61021e72474e754d7/superset/security/manager.py), and the [dashboard permission migration](https://github.com/apache/superset/blob/050ccdcb3dd84f3ae6e301d61021e72474e754d7/superset/migrations/versions/2020-12-11_11-45_1f6dca87d1a2_security_converge_dashboards.py). To restrict dashboard creation or deletion, you can remove 'can_add' or 'can_delete' from the role, but editing always requires both 'can_write' and ownership. There’s currently no supported way to allow editing only charts within a dashboard without also allowing broader dashboard edits. <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/fa91600a-e5ab-4e2e-b00e-f63b5f2b1649?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/fa91600a-e5ab-4e2e-b00e-f63b5f2b1649?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/fa91600a-e5ab-4e2e-b00e-f63b5f2b1649?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/fa91600a-e5ab-4e2e-b00e-f63b5f2b1649?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/fa91600a-e5ab-4e2e-b00e-f63b5f2b1649?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/fa91600a-e5ab-4e2e-b00e-f63b5f2b1649?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/fa91600a-e5ab-4e2e-b00e-f63b5f2b1649?feedback_type=other)</sup> [](https://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/discussions/33981) GitHub link: https://github.com/apache/superset/discussions/33981#discussioncomment-13627449 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
