[GitHub] [superset] ktmud opened a new pull request #14148: fix(dashboard): incorrect perm for users with multiple roles

Wed, 14 Apr 2021 13:40:54 -0700 


ktmud opened a new pull request #14148:
URL: https://github.com/apache/superset/pull/14148


   ### SUMMARY
   
   This fixes a bug where dashboard permission check is incorrect when users 
have multiple roles.
   
   The resulted some users not seeing "View chart in Explore" link in 
dashboards.
   
   cc @suddjian @pkdotson
   
   ### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
   
   #### Before
   
   <img width="513" alt="perm-before" 
src="https://user-images.githubusercontent.com/335541/114775804-92137980-9d26-11eb-86dc-c4139467bb32.png";>
   
   Some links in chart menu are missing if the user has multiple roles and the 
last role does not contain permission for `[Superset, can_explore]`.
   
   #### After
   
   <img width="620" alt="perm-after" 
src="https://user-images.githubusercontent.com/335541/114775934-bc653700-9d26-11eb-922f-31f4d033c9c8.png";>
   
   ### TEST PLAN
   
   To reproduce the bug, add  a new role (e.g. `sql_lab`) to the logged in user.
   
   Added unit tests.
   
   ### ADDITIONAL INFORMATION
   <!--- Check any relevant boxes with "x" -->
   <!--- HINT: Include "Fixes #nnn" if you are fixing an existing issue -->
   - [x] Has associated issue:  #13306 
   - [ ] Changes UI
   - [ ] Includes DB Migration (follow approval process in 
[SIP-59](https://github.com/apache/superset/issues/13351))
     - [ ] Migration is atomic, supports rollback & is backwards-compatible
     - [ ] Confirm DB migration upgrade and downgrade tested
     - [ ] Runtime estimates and downtime expectations provided
   - [ ] Introduces new feature or API
   - [ ] Removes existing feature or API
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to