You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by el...@apache.org on 2023/10/20 23:02:53 UTC
[superset] 06/09: chore: remove CssTemplate and Annotation access from gamma role (#24826)
This is an automated email from the ASF dual-hosted git repository.
elizabeth pushed a commit to branch 2.1
in repository https://gitbox.apache.org/repos/asf/superset.git
commit d31a0cf370ab79e7c35e6b3830aec09b574d34c4
Author: Lily Kuang <li...@preset.io>
AuthorDate: Thu Aug 24 16:39:56 2023 -0700
chore: remove CssTemplate and Annotation access from gamma role (#24826)
---
superset/security/manager.py | 22 +++++++++++-----------
tests/integration_tests/security_tests.py | 3 ---
2 files changed, 11 insertions(+), 14 deletions(-)
diff --git a/superset/security/manager.py b/superset/security/manager.py
index 6f3a4b90bf..391704c41b 100644
--- a/superset/security/manager.py
+++ b/superset/security/manager.py
@@ -167,8 +167,6 @@ class SupersetSecurityManager( # pylint: disable=too-many-public-methods
}
GAMMA_READ_ONLY_MODEL_VIEWS = {
- "Annotation",
- "CssTemplate",
"Dataset",
"Datasource",
} | READ_ONLY_MODEL_VIEWS
@@ -191,19 +189,21 @@ class SupersetSecurityManager( # pylint: disable=too-many-public-methods
} | USER_MODEL_VIEWS
ALPHA_ONLY_VIEW_MENUS = {
- "Manage",
- "CSS Templates",
- "Annotation Layers",
- "Queries",
- "Import dashboards",
- "Upload a CSV",
- "ReportSchedule",
"Alerts & Report",
- "TableSchemaView",
- "CsvToDatabaseView",
+ "Annotation Layers",
+ "Annotation",
+ "CSS Templates",
"ColumnarToDatabaseView",
+ "CssTemplate",
+ "CsvToDatabaseView",
"ExcelToDatabaseView",
+ "Import dashboards",
"ImportExportRestApi",
+ "Manage",
+ "Queries",
+ "ReportSchedule",
+ "TableSchemaView",
+ "Upload a CSV",
}
ADMIN_ONLY_PERMISSIONS = {
diff --git a/tests/integration_tests/security_tests.py b/tests/integration_tests/security_tests.py
index c65f5a6dd8..55fc1f2dad 100644
--- a/tests/integration_tests/security_tests.py
+++ b/tests/integration_tests/security_tests.py
@@ -1345,7 +1345,6 @@ class TestRolePermission(SupersetTestCase):
self.assert_cannot_menu("Alerts & Report", perm_set)
def assert_can_gamma(self, perm_set):
- self.assert_can_read("CssTemplate", perm_set)
self.assert_can_read("Dataset", perm_set)
# make sure that user can create slices and dashboards
@@ -1552,8 +1551,6 @@ class TestRolePermission(SupersetTestCase):
# make sure that user can create slices and dashboards
self.assert_can_all("Dashboard", gamma_perm_set)
self.assert_can_read("Dataset", gamma_perm_set)
- self.assert_can_read("Annotation", gamma_perm_set)
- self.assert_can_read("CssTemplate", gamma_perm_set)
# make sure that user can create slices and dashboards
self.assert_can_all("Chart", gamma_perm_set)