john-bodley commented on issue #8175: [metric] Adding security for restricted metrics URL: https://github.com/apache/incubator-superset/pull/8175#issuecomment-529224578 @mistercrunch are you ok with the security manager having logic like `assert_viz_permission`? I agree that we should probably deprecate restricted metrics seeing as i) ad-hoc metrics completely bypass the restrictedness, and ii) there’s currently no check for SQL datasources. Do you think it best if I provide the change to deprecate restricted metrics in this PR or a followup PR?
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
