rusackas commented on PR #40650: URL: https://github.com/apache/superset/pull/40650#issuecomment-4661821053
Good call — rather than leave delete out, I went ahead and applied the same datasource access check to `DeleteRLSRuleCommand.validate()` so all three RLS rule commands are consistent: it iterates each rule's `tables` and raises `RLSDatasourceForbiddenError` if the caller can't access one. Admins with `all_datasource_access` are unaffected. Also fixed the stale `ReportSchedule` type hint on `_models` while I was in there. Added unit tests covering the forbidden/allowed delete paths. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
