Hello everyone! Tell me if there is a need to restrict, for example, the Public role or any other role from all users except application administrators. For example, when selecting a role to access the dashboard, users without admin rights could not select this role. I would be grateful for any answers on this issue!
Comment From: dosubot[bot]
By default, Superset does not restrict the ability to assign or select roles like "Public"—any user with dashboard editing rights can assign any available role, including "Public", to a dashboard. If you want to restrict certain roles so only administrators can assign or see them, you need to customize your Superset instance.
You can do this by using the EXTRA_RELATED_QUERY_FILTERS configuration in superset_config.py to filter which roles appear in dropdowns (like the dashboard role selection UI) based on the current user's roles or permissions. For more advanced control, you can create a custom RoleApi subclass to filter the roles list according to your logic, and register it using FLASK_APP_MUTATOR in your config. This way, only admins (or other specified roles) will see or be able to assign sensitive roles like "Public" (example and details).
Without these customizations, there is no built-in feature to prevent non-admin users from selecting or assigning specific roles in the UI (reference).
To reply, just mention @dosu.
How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other 
