mistercrunch commented on a change in pull request #5099: Dashboard level access control
URL: https://github.com/apache/incubator-superset/pull/5099#discussion_r192431037
##########
File path: superset/views/core.py
##########
@@ -161,10 +168,29 @@ class DashboardFilter(SupersetFilter):
"""List dashboards for which users have access to at least one slice"""
def apply(self, query, func): # noqa
+ if self.has_all_datasource_access() and self.has_all_dashboard_access():
+ return query
+
+ Dash = models.Dashboard # noqa
+
+ # get ids for dashboards this user has access to
+ dashboard_perms = \
+ {d: True for d in self.get_view_menus('dashboard_access')}
+
+ dashboard_ids = []
+ for dash in db.session.query(Dash):
Review comment:
I'm thinking here you want to only fetch the `dashboard_perms` if `all_dashboard_access`
is not found, and then craft a `filter(*sqla.or_(models.Dashboard.perm.in_(dashboard_perms),
{pre-existing conditions here}))`
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
|