xavier-GitHub76 opened a new issue, #27765: URL: https://github.com/apache/superset/issues/27765
### Bug description Hello, I find permission management tricky because there is little documentation on the subject. with Superset v3.1.1 (docker), I started from a role with no permission to try to understand the impacts of permissions. I notice that certain essential functions rely on permissions. Here is the detail : With no permission, I navigate on pages **HOME PAGE** the simple access on welcome page causes errors   The following permissions are therefore obligatory : - "can read on Dashboard" to list dashbords on home page - "can read on Chart" to list charts on home page - "can recent activity on Log" The Create buttons are presents although the user has no permission. Click on it --> Error  **PARAMETERS/PROFIL** OK, the page is displayed but why a permission "can profile on Superset" exists ? It's seems unnecessary **PARAMETERS/INFO** Error "Acces is denied"  The following permission is therefore obligatory : - "userinfoedit on UserDBModelView" **Proposed solution** if permission is imposed on everyone then it should not exist : - "can read on Dashboard" - "can read on Chart" - "can recent activity on Log" - "userinfoedit on UserDBModelView" could be deleted Create buttons should be displayed only if permission (value to specify) are present Same for Parameters/Info, it's should be displayed only if permission "userinfoedit on UserDBModelView" is present if permission is unnecessary then it should not exist : - "can profile on Superset" could be deleted Best regards ### How to reproduce the bug Create a role without permission Create a user with this role With this user, go on : - welcome page - > Error dashbaords et charts listing - > Error recent logs - > Error on Create buttons (dashboards and charts) - profile page - > Displayed without permission - info page - > Error Access denied ### Screenshots/recordings _No response_ ### Superset version 3.1.1 ### Python version 3.9 ### Node version 16 ### Browser Chrome ### Additional context Docker ### Checklist - [ ] I have searched Superset docs and Slack and didn't find a solution to my problem. - [ ] I have searched the GitHub issue tracker and didn't find a similar bug report. - [ ] I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
