New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[log] fix, log model view permissions #8993
Conversation
tests/security_tests.py
Outdated
self.assertTrue( | ||
security_manager._is_admin_only( | ||
security_manager.find_permission_view_menu("can_delete", "DatabaseView") | ||
log_permissions = ["can_list", "can_show", "can_add", "can_edit", "can_delete"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
By default, I think we don't want logs to be editable. I'd remove can_add
, can_edit
, and can_delete
for all users.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it's merged!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, works for me.
…table # Conflicts: # superset/views/database/api.py
CATEGORY
Choose one
SUMMARY
Restrict LogModelView permissions
TEST PLAN
Tested that users don't have access to the View and Api through
LogRestApi
ADDITIONAL INFORMATION
REVIEWERS