pengwk commented on PR #21769: URL: https://github.com/apache/superset/pull/21769#issuecomment-4781019187
Thanks @rusackas for the review and approval, and for helping narrow the direction here. I pushed the follow-up update to keep the behavior scoped: `all_query_access` now only relaxes the saved-query ownership filter for read/GET requests, while write paths such as bulk delete still enforce ownership. I also added the regression coverage for that case and cleaned up the minor bot style comments. I also left a summary on the linked issue to close the loop with the earlier design discussion around read visibility vs. edit/delete access and the longer-term owners/User Groups direction. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
