You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@superset.apache.org by su...@apache.org on 2021/05/14 20:37:59 UTC

[superset] branch fix-undefined-roles created (now aa0e09e)

This is an automated email from the ASF dual-hosted git repository.

suddjian pushed a change to branch fix-undefined-roles
in repository https://gitbox.apache.org/repos/asf/superset.git.


      at aa0e09e  fix: roles undefined on public dashboards

This branch includes the following new commits:

     new aa0e09e  fix: roles undefined on public dashboards

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

[superset] 01/01: fix: roles undefined on public dashboards

Posted by su...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

suddjian pushed a commit to branch fix-undefined-roles
in repository https://gitbox.apache.org/repos/asf/superset.git

commit aa0e09e00ec635872ebee2393a79679e73d8af73
Author: David Aaron Suddjian <aa...@gmail.com>
AuthorDate: Fri May 14 13:36:33 2021 -0700

    fix: roles undefined on public dashboards
---
 superset-frontend/src/dashboard/util/findPermission.test.ts | 7 +++++++
 superset-frontend/src/dashboard/util/findPermission.ts      | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/superset-frontend/src/dashboard/util/findPermission.test.ts b/superset-frontend/src/dashboard/util/findPermission.test.ts
index 1fbb791..f90c280 100644
--- a/superset-frontend/src/dashboard/util/findPermission.test.ts
+++ b/superset-frontend/src/dashboard/util/findPermission.test.ts
@@ -132,6 +132,13 @@ describe('canUserEditDashboard', () => {
   it('rejects nonexistent users', () => {
     expect(canUserEditDashboard(dashboard, null)).toEqual(false);
   });
+  it('rejects missing roles', () => {
+    // in redux, when there is no user, the user is actually set to an empty object,
+    // so we need to handle missing roles as well as a missing user.s
+    expect(
+      canUserEditDashboard(dashboard, {} as UserWithPermissionsAndRoles),
+    ).toEqual(false);
+  });
   it('rejects "admins" if the admin role does not have edit rights for some reason', () => {
     expect(
       canUserEditDashboard(dashboard, {
diff --git a/superset-frontend/src/dashboard/util/findPermission.ts b/superset-frontend/src/dashboard/util/findPermission.ts
index 995c5d7..8f28a03 100644
--- a/superset-frontend/src/dashboard/util/findPermission.ts
+++ b/superset-frontend/src/dashboard/util/findPermission.ts
@@ -48,6 +48,6 @@ export const canUserEditDashboard = (
   dashboard: Dashboard,
   user?: UserWithPermissionsAndRoles | null,
 ) =>
-  !!user &&
+  !!user?.roles &&
   (isUserAdmin(user) || isUserDashboardOwner(dashboard, user)) &&
   findPermission('can_write', 'Dashboard', user.roles);