You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
in this case, a use named A, he has not have any datasource access or view permission, while the dashboard have a text widget, the user A can find the dashboard which have text widget on dashboard lis page, the reason is than this python file: app/redash/model/init.py about the class Dashboard with that method :
It was implemented this way intentionally, but we no longer need this behavior. You're welcome to submit a Pull Request to update this behavior.
arikfr
changed the title
dashboard permission bug
Dashboards list includes dashboards with text widgets
Sep 9, 2019
arikfr
changed the title
Dashboards list includes dashboards with text widgets
Dashboards list includes dashboards with text widgets where you have no access to any other widgets
Sep 9, 2019
* Allow executing query with either view_query or execute_query permissions.
* Render AuthHeader according to permissions.
* Don't return dashboards where you only have access to textbox widget.
Closes#4099.
in this case, a use named A, he has not have any datasource access or view permission, while the dashboard have a text widget, the user A can find the dashboard which have text widget on dashboard lis page, the reason is than this python file: app/redash/model/init.py about the class Dashboard with that method :
the query on Widget.visualization == None so will find all dashboard that have text widget
The text was updated successfully, but these errors were encountered: