superset icon indicating copy to clipboard operation
superset copied to clipboard

Published 20 hours ago verified publisher icon apache

Problem with Admin permissions in Superset 2.0.0

Open wiktor2200 opened this issue 2 years ago • 1 comments

Dashboards of all users are not shown to anyone except Admin role. Even when Admin role is copied and assigned to user it's impossible to see other users' dashboards.

How to reproduce the bug

  1. As Admin user create any dashboard (no matter if it's published or not) and it will be available in "Dashboards" menu.
  2. Go to List Roles
  3. Select Admin role and in Actions list select Copy role and rename it whatever you want e.g. "copied" (so role has the same permissions as Admin.
  4. Create (if not exist) new user and assign copied role to it.
  5. Login as user with assigned copied role and no dashboards are shown in Dashboards menu.

What is more when you assign Admin role to user from point 4. above dashboards will be shown.

Expected results

Dashboards view should be managed by permission, not role name.

Screenshots

If applicable, add screenshots to help explain your problem. Admin role: Admin_role copied role: copied_role Dashboard view for Admin role (the same user): dashboard_view_admin_role Dashboard view for copied role (the same user): dashboard_view_copied_role

Environment

(please complete the following information):

  • browser type and version: FF/Chrome (all browsers are affected)
  • superset version: 2.0.0 and latest (29th of July)
  • python version: python --version
  • node.js version: node -v
  • any feature flags active: no

Checklist

Make sure to follow these steps before submitting your issue - thank you!

  • [x] I have checked the superset logs for python stacktraces and included it here as text if there are any.
  • [x] I have reproduced the issue with at least the latest released version of superset. (both 2.0.0 and latest)
  • [x] I have checked the issue tracker for the same issue and I haven't found one similar. (I think this is #20638 similar, but solved problem only for published dashboards for others problem still exists.)

Additional context

Add any other context about the problem here.

wiktor2200 avatar Jul 29 '22 11:07 wiktor2200

Update: the same applies for other features (alerts in my case) managed by user with attached Admin permission. When user is co-owner of Alert he is able to modify alert or turn it on or off. But for other users can only list and see configuration but when trying to apply changes gets Forbidden 403 error. alert list users User is using copied Admin role, so has the same permissions as Admin but is not able to do the same things.

wiktor2200 avatar Jul 29 '22 14:07 wiktor2200

I have the same issue while trying to create a chart, i get forbidden.

Noamstrauss avatar Aug 11 '22 08:08 Noamstrauss

Can confirm superset init fixes the issue.

KillenMr avatar Aug 16 '22 03:08 KillenMr

superset init doesn't work for me, problem still exists.

wiktor2200 avatar Aug 24 '22 15:08 wiktor2200

Since we're now on 3.1, on the verge of 4.0, we're not supporting 2.x or prior versions actively. If anyone is experiencing this issue in current versions, please file a new issue with updated context and repro steps. Thank you for understanding :)

rusackas avatar Feb 15 '24 16:02 rusackas