richardfogaca opened a new pull request, #37537:
URL: https://github.com/apache/superset/pull/37537

   ### SUMMARY
   
   This PR introduces a new feature flag `DISABLE_EMBEDDED_SUPERSET_LOGOUT` that hides the logout button when Superset is embedded via iframe in SSO-managed authentication flows.
   
   **Use Case:** When Superset is embedded within a parent application (e.g., Avaya Infinity Agent) that manages authentication via SSO, the logout button in Superset becomes problematic:
   - Users logging out of Superset while remaining in the parent app creates a confusing experience
   - The parent application should control the authentication lifecycle, not the embedded Superset instance
   - Clicking logout in the iframe may break the SSO session or cause unexpected behavior
   
   **Solution:** A feature flag that conditionally hides the logout menu item in the Settings dropdown, allowing administrators to disable logout functionality in embedded deployments while preserving it for standalone use.
   
   **Changes:**
   1. **Backend (`superset/config.py`)**: Added `DISABLE_EMBEDDED_SUPERSET_LOGOUT` to `DEFAULT_FEATURE_FLAGS` with default value `False`, including `@docs` annotation linking to documentation
   2. **Frontend enum (`featureFlags.ts`)**: Added `DisableEmbeddedSupersetLogout` TypeScript enum entry
   3. **RightMenu component (`RightMenu.tsx`)**: Wrapped logout menu item in conditional check using `isFeatureEnabled()`
   4. **Tests (`RightMenu.test.tsx`)**: Added 2 new tests covering both enabled and disabled states
   5. **Documentation (`docs/docs/configuration/networking-settings.mdx`)**: Added "Hiding the Logout Button in Embedded Contexts" section under HTML Embedding
   
   ### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
   
   **BEFORE (Flag Disabled - Default Behavior):**
   Settings menu shows the Logout option as expected.
   
   > 📸 *Screenshot: logout-visible-flag-disabled.png - to be attached*
   
   **AFTER (Flag Enabled):**
   Settings menu no longer shows the Logout option - users must log out through the parent application.
   
   > 📸 *Screenshot: logout-hidden-flag-enabled.png - to be attached*
   
   ### TESTING INSTRUCTIONS
   
   #### Unit Tests
   ```bash
   cd superset-frontend
   npm run test -- src/features/home/RightMenu.test.tsx
   ```
   All 9 tests pass, including:
   - `shows logout button when DISABLE_EMBEDDED_SUPERSET_LOGOUT is false`
   - `hides logout button when DISABLE_EMBEDDED_SUPERSET_LOGOUT is true`
   
   #### Manual Testing
   
   1. **Test with flag disabled (default):**
      - Start Superset normally
      - Log in and click Settings dropdown
      - Verify "Logout" option is visible
   
   2. **Test with flag enabled:**
      - Add to `superset_config.py`:
        ```python
        FEATURE_FLAGS = {
            'DISABLE_EMBEDDED_SUPERSET_LOGOUT': True,
        }
        ```
      - Restart Superset
      - Log in and click Settings dropdown
      - Verify "Logout" option is **not** visible
   
   3. **Test in iframe context:**
      - Create a simple HTML page with Superset in an iframe:
        ```html
        <iframe src="http://localhost:8088" width="100%" height="800"></iframe>
        ```
      - With flag enabled, confirm logout is hidden
      - With flag disabled, confirm logout is visible
   
   ### ADDITIONAL INFORMATION
   
   - [ ] Has associated issue:
   - [x] Required feature flags: `DISABLE_EMBEDDED_SUPERSET_LOGOUT`
   - [x] Changes UI
   - [ ] Includes DB Migration (follow approval process in [SIP-59](https://github.com/apache/superset/issues/13351))
     - [ ] Migration is atomic, supports rollback & is backwards-compatible
     - [ ] Confirm DB migration upgrade and downgrade tested
     - [ ] Runtime estimates and downtime expectations provided
   - [x] Introduces new feature or API
   - [ ] Removes existing feature or API


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
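
The flag flow this pull request describes (backend default, operator override, frontend check, conditional menu item), modelled as an added example that is not code from the PR or from Superset. `resolveFlags`, `buildSettingsMenu`, `menuLabels` and the menu contents are hypothetical, and this `isFeatureEnabled` takes the flag map as an argument and accepts only a literal `true`, which is this model's choice.

```javascript
// Simplified model of the flag flow described in the PR (added example, not Superset source).
// Names other than DISABLE_EMBEDDED_SUPERSET_LOGOUT, DisableEmbeddedSupersetLogout,
// DEFAULT_FEATURE_FLAGS and isFeatureEnabled are hypothetical.

// Backend default, as the PR describes for superset/config.py.
const DEFAULT_FEATURE_FLAGS = { DISABLE_EMBEDDED_SUPERSET_LOGOUT: false };

// Frontend enum entry, as the PR describes for featureFlags.ts.
const FeatureFlag = Object.freeze({
  DisableEmbeddedSupersetLogout: 'DISABLE_EMBEDDED_SUPERSET_LOGOUT',
});

// Hypothetical: operator overrides (FEATURE_FLAGS in superset_config.py) win over defaults.
function resolveFlags(overrides = {}) {
  return { ...DEFAULT_FEATURE_FLAGS, ...overrides };
}

// Assumption of this model: only a literal `true` enables a flag, so a missing or
// malformed value (for example the string 'true') leaves the Logout item visible.
function isFeatureEnabled(flags, flag) {
  return flags[flag] === true;
}

// Hypothetical stand-in for the Settings dropdown built in RightMenu.tsx.
// The flag changes only which items are rendered; nothing else is modelled here.
function buildSettingsMenu(flags) {
  const items = [{ key: 'info', label: 'Info' }];
  if (!isFeatureEnabled(flags, FeatureFlag.DisableEmbeddedSupersetLogout)) {
    items.push({ key: 'logout', label: 'Logout' });
  }
  return items;
}

// Resolve the flags for a given override set and return the visible menu labels.
function menuLabels(overrides) {
  return buildSettingsMenu(resolveFlags(overrides)).map(item => item.label);
}

console.log('default:', menuLabels({}));
console.log('flag on:', menuLabels({ DISABLE_EMBEDDED_SUPERSET_LOGOUT: true }));
console.log('malformed:', menuLabels({ DISABLE_EMBEDDED_SUPERSET_LOGOUT: 'true' }));
```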
