Open kannant-sf opened 3 days ago
To resolve the "Access Denied" issue when navigating to list/users
after implementing a custom login setup in Apache Superset, you need to ensure that the user has the necessary permissions to access the "List Users" view. The "List Users" view is restricted to admin users.
Here is the relevant part of the code that defines the permissions:
ADMIN_ONLY_VIEW_MENUS = {
"Access Requests",
"Action Log",
"Log",
"List Users",
"List Roles",
"ResetPasswordView",
"RoleModelView",
"Row Level Security",
"Row Level Security Filters",
"RowLevelSecurityFiltersModelView",
"Security",
"SQL Lab",
"User Registrations",
"User's Statistics",
} | USER_MODEL_VIEWS
To resolve the issue, you need to ensure that the user has the appropriate admin role that includes access to the "List Users" view. You can do this by assigning the admin role to the user or by modifying the permissions to include the necessary access for the user's role.
Here is an example of how you might assign the admin role to a user:
from superset import app, db
from superset.security.manager import security_manager
# Get the user and role models
User = security_manager.user_model
Role = security_manager.role_model
# Fetch the user and admin role
user = db.session.query(User).filter_by(username='your_username').one()
admin_role = db.session.query(Role).filter_by(name='Admin').one()
# Assign the admin role to the user
user.roles.append(admin_role)
db.session.commit()
Replace 'your_username'
with the actual username of the user you want to grant access to. This will give the user the necessary permissions to access the "List Users" view [1].
To continue talking to Dosu, mention @dosu.
@dosu am not getting any roles array am just getting firstname and lastname alone from the userdb query
@Habeeb556 thanks for the link, but my case is different, i already have admin role only for the user, still its not working, am using superset 3 is that causing a problem here?
@kannant-sf Hmm, it's not causing a problem, but Superset 3.x is not yet supported. It is preferable to upgrade to 4.x.
Also, make sure to update the list of roles and permissions with the following commands:
export FLASK_APP=superset
superset db upgrade
superset init
Bug description
We have deployed our apache superset on AWS fargate, we have our internal dashboards from there we want our users to login hence we have implemented custom login setup on superset side, i was able to do it, now everything works fine, but if i navigate to list/users its redirecting me to login screen and logs in back but getting access denied in right bottom popup, If i revert my custom login code it works properly am using the same user credentials, not sure why it behaves differently, attaching my custom login code
`
How to reproduce the bug
Screenshots/recordings
Superset version
3.1.3
Python version
3.9
Node version
16
Browser
Chrome
Additional context
No response
Checklist