etr2460 edited a comment on issue #7752: [SQL Lab] Reduce db load on /queries endpoint URL: https://github.com/apache/incubator-superset/pull/7752#issuecomment-505077345 @john-bodley according to here (https://flask-login.readthedocs.io/en/latest/#your-user-class) `is_active` would be preferable because it ensure that they are authenticated and have an active account @mistercrunch Maybe i'm missing some historical context here, but from a security/privacy perspective, I don't see any reason why the `/queries` endpoint would need its own role. All it does is give the user a read only view of queries they already own. If the user never made any queries or didn't have the permissions to, then it would just return a blank object. I think it would be worth mentioning this in the changelog, but I don't think it breaks anything functionally.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
