dosubot[bot] commented on issue #35939: URL: https://github.com/apache/superset/issues/35939#issuecomment-3475685196
In Superset 5.0.0, custom SecurityManager implementations must now extend `SupersetSecurityManager` (not Flask AppBuilder's SecurityManager). If your custom class doesn't inherit from `SupersetSecurityManager`, admin-only views like "List Users" will always deny access, even if the user appears to have the Admin role. This is a breaking change from previous versions and is enforced at app startup—see the check and error message in the initialization code ([source](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/initialization/__init__.py#L303-L620)).

Also, Superset expects user objects to have certain attributes (like `active` and `is_authenticated`) for permission checks. If your custom SecurityManager or user class doesn't provide these, access can be denied without clear errors ([example](https://github.com/apache/superset/issues/35282)).

To restore access to the user list:

- Make sure your custom SecurityManager inherits from `SupersetSecurityManager`.
- Confirm your user objects implement all required attributes (`active`, `is_authenticated`, etc.).
- Double-check that your Admin role assignment logic is compatible with Superset's expectations in v5.

Issue #29505 is unrelated; it addresses a different security config problem and does not resolve this specific regression.

If you update your custom SecurityManager to inherit from `SupersetSecurityManager` and ensure all required user attributes are present, the "List Users" page should work as expected for Admins in Superset 5.0.0 ([reference](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/initialization/__init__.py#L303-L620)).
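A pre-deployment audit following the checklist in the comment above, as an added example that is not part of the original comment or of Superset's code. The two base classes are local stand-ins so the script runs offline (in a real deployment, pass `superset.security.SupersetSecurityManager` as `required_base`), and the manager and user classes are hypothetical.

```python
"""Audit a custom security manager and user class before deploying (added example)."""

# The two attributes the comment names; extend the tuple for your deployment.
REQUIRED_USER_ATTRS = ("active", "is_authenticated")


def audit_security_manager(candidate, required_base):
    """Return a list of findings; an empty list means the class passes."""
    if not isinstance(candidate, type):
        return [f"{candidate!r} is not a class"]
    findings = []
    if not issubclass(candidate, required_base):
        # List what the class does inherit from, so the wrong base is obvious.
        bases = ", ".join(c.__name__ for c in candidate.__mro__[1:-1]) or "object"
        findings.append(
            f"{candidate.__name__} does not extend {required_base.__name__} "
            f"(it inherits from: {bases})"
        )
    return findings


def audit_user(user, required=REQUIRED_USER_ATTRS):
    """Report required attributes that are missing or evaluate to False."""
    findings = []
    for name in required:
        if not hasattr(user, name):
            findings.append(f"user object has no attribute '{name}'")
        elif not getattr(user, name):
            findings.append(f"user attribute '{name}' is falsy")
    return findings


# --- constructed stand-ins, so the audit can be exercised without Superset ---
class StandInFabSecurityManager:  # plays Flask AppBuilder's SecurityManager
    pass

class StandInSupersetSecurityManager(StandInFabSecurityManager):
    pass

class LegacyManager(StandInFabSecurityManager):  # hypothetical: extends FAB only
    pass

class FixedManager(StandInSupersetSecurityManager):  # hypothetical: correct base
    pass

class PartialUser:  # hypothetical user class that lacks is_authenticated
    active = True
```

Running both audits in CI against the class your Superset configuration points at reports the wrong base or missing attribute before the application is started.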
