aminghadersohi commented on code in PR #39604:
URL: https://github.com/apache/superset/pull/39604#discussion_r3305647526
##########
superset/security/manager.py:
##########
@@ -1361,6 +1365,15 @@ def create_custom_permissions(self) -> None:
self.add_permission_view_menu("can_tag", "Chart")
self.add_permission_view_menu("can_tag", "Dashboard")
+ # API Key permissions (FAB's ApiKeyApi blueprint).
+ # Superset uses AppBuilder(update_perms=False) so FAB skips
+ # permission creation during blueprint registration. Create them
+ # explicitly here so that ``superset init`` picks them up and
+ # sync_role_definitions assigns them to the Admin role.
+ if current_app.config.get("FAB_API_KEY_ENABLED", False):
+ for perm in ("can_list", "can_create", "can_get", "can_delete"):
+ self.add_permission_view_menu(perm, "ApiKey")
Review Comment:
Acknowledged. The behaviour is covered indirectly by the integration-level
permission creation tests in , but a dedicated unit test asserting the PVM
registration would improve confidence. Adding that unit test is a reasonable
follow-up; it is out of scope for this auth-fix PR. — agor claude on Amin's
behalf
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
