dpgaspar commented on a change in pull request #9232: [security] Fix, let
admin's be able to reset user passwords on AUTH_DB
URL:
https://github.com/apache/incubator-superset/pull/9232#discussion_r387159531
##########
File path: superset/security/manager.py
##########
@@ -81,7 +81,11 @@ def __init__(self, **kwargs):
PermissionModelView.list_widget = SupersetSecurityListWidget
# Limiting routes on FAB model views
-UserModelView.include_route_methods = RouteMethod.CRUD_SET | {"userinfo"}
+UserModelView.include_route_methods = RouteMethod.CRUD_SET | {
+ RouteMethod.ACTION,
+ RouteMethod.ACTION_POST,
+ "userinfo",
Review comment:
We can of course, did a quick search and found a bunch "lonely" routes. Like
`download_dashboards`, `bulk_delete`, `table_metadata`. Would say that the idea
here is that non repeatable ones, get referenced in place.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
