[GitHub] [superset] dpgaspar commented on pull request #23118: fix(rbac): show objects accessible by database access perm

["dpgaspar (via GitHub)" <gi...@apache.org>]

dpgaspar commented on PR #23118:
URL: https://github.com/apache/superset/pull/23118#issuecomment-1440264648

   > > This is great, could be considered a breaking change, since all users with database access to X on SQLLab, will now have access to all dashboards/charts with datasets from that database.
   > > Would be nice to have more tests asserting this change on charts and dashboards.
   > 
   > In fact all users already had access to the underlying entities (datasets, charts and dashboards), they were just not showing up on the list views. So I rather consider this a fix, unless someone was relying on some items to be hidden but accessible.
   > 
   > Having said that, it does make sense to at least add a note to `UPDATING.md`. Do you think that would be sufficient? Or does this need to wait for 3.0 and be put behind a feature flag before then?
   
   I vote for just adding a note on `UPDATING`, but @eschutho should have a word here 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org