Open xavier-GitHub76 opened 4 weeks ago
I found a similar closed issue that might be relevant to your problem: How to disable authentication to bypass login? [1].
Regarding your specific issue, the expected behavior for users without the "can write to DashboardPermalinkRestApi" permission is that they should receive a 404 Not Found response when attempting to create a new dashboard's permanent link, not a redirection to the login page [2][3][4].
The logic for rendering anchors (tabs or headers) and their visibility based on permissions is managed within the Header
component. The visibility of these elements is controlled by props such as userCanEdit
, userCanShare
, userCanSave
, and userCanCurate
[5][6][7].
To address the issue, you should ensure that the anchors are only displayed if the user has the necessary permissions. This can be done by checking the relevant permissions before rendering the anchors in the Header
component.
To continue talking to Dosu, mention @dosu.
Bug description
Without "can write to DashboardPermalinkRestApi", clicking on an anchor (tabs or header) redirects to the login page
The anchor should only be displayed if permission is present
How to reproduce the bug
Click on a anchor
Screenshots/recordings
or -->
Superset version
4.0.2
Python version
3.9
Node version
16
Browser
Chrome
Additional context
No response
Checklist