jon-coffey opened a new issue, #37938:
URL: https://github.com/apache/superset/issues/37938

   Hi,
   
   I’d like to raise a concern regarding the current behavior where **only 
Admin users are allowed to view users and roles**.
   
   From what I can see, there are specific permissions in place for managing 
users and roles. However, the system appears to ignore those granular 
permissions and instead checks for full Admin rights. This effectively 
overrides the intended permission model.
   
   In our situation, this approach is not appropriate. I have key users who:
   
   - Should **not** have full Admin rights  
   - **Need** the ability to:
     - Grant permissions to other users  
     - Create new roles  
     - View the list of users  
     - View the list of roles  
   
   Under the current implementation, the only way to enable this is to grant 
full Admin access, which is not desirable.
   
   I have a few questions:
   
   1. Is this restriction intentional?
   2. Is anyone currently working on changing this behavior?
   3. What was the reasoning behind requiring full Admin rights instead of 
relying on the existing permission model?
   
   If this is not already being addressed, would it be possible to restore the 
behavior so that access is controlled strictly by the relevant permissions 
rather than Admin status?
   
   I’d be happy to contribute a PR to help resolve this if that would be useful.
   
   For reference, I’m looking at this part of the code:  
   
https://github.com/apache/superset/blob/afacca350f01696e9af7253e31557bfb9f08dae2/superset-frontend/src/views/routes.tsx#L340
   
   Thank you for your clarification.
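
An added example, not part of the original issue and not Superset code: a minimal model of the two gating behaviours the issue contrasts (a check on the Admin role versus a check on the specific permissions), with a helper that lists the users for whom the two disagree. The role names, permission names and users are constructed placeholders.

```typescript
// Constructed model: role and permission names are placeholders, not Superset's.
type Permission = { action: string; resource: string };
type User = { name: string; roles: { [role: string]: Permission[] } };

const key = (p: Permission): string => p.action + ":" + p.resource;

// Gate A: the behaviour the issue describes, membership of the Admin role.
function adminOnlyGate(user: User): boolean {
  return Object.prototype.hasOwnProperty.call(user.roles, "Admin");
}

// Gate B: the behaviour the issue asks for, every required permission is held.
function permissionGate(user: User, required: Permission[]): boolean {
  const held: string[] = [];
  for (const role of Object.keys(user.roles)) {
    for (const p of user.roles[role]) held.push(key(p));
  }
  return required.every(p => held.indexOf(key(p)) !== -1);
}

// Users for whom the two gates disagree: the list to review before changing a gate.
function gateDiff(users: User[], required: Permission[]): string[] {
  return users
    .filter(u => adminOnlyGate(u) !== permissionGate(u, required))
    .map(u => u.name + (adminOnlyGate(u)
      ? ": Admin role, missing a permission"
      : ": permission only, no Admin role"));
}

// Constructed sample data.
const LIST_USERS: Permission[] = [{ action: "can_read", resource: "User" }];
const users: User[] = [
  { name: "alice", roles: { Admin: [{ action: "can_read", resource: "User" }] } },
  { name: "bob", roles: { UserManager: [{ action: "can_read", resource: "User" },
                                        { action: "can_read", resource: "Role" }] } },
  { name: "carol", roles: { Viewer: [{ action: "can_read", resource: "Dashboard" }] } },
  { name: "dave", roles: { Admin: [] } },
];

console.log(gateDiff(users, LIST_USERS));
```

A frontend route gate only controls what is displayed; the server-side API has to enforce the same permissions.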

