LevisNgigi commented on PR #31421:
URL: https://github.com/apache/superset/pull/31421#issuecomment-2575116648
> Hey @LevisNgigi I am a bit confused about the latest changes where it is
just showing a newly introduced endpoint. Would you clarify the approach here?
Thank you!
Hey @geido This endpoint already existed in the project
"/api/v1/query/{pk}". I added custom implementation on the endpoint to add
ownership validation to ensure only the query owner or authorized users can
access it.Those with "can_read", "SavedQuery" permission. The custom
implementation I added addresses this gap,by ensuring that users with sqllab
role can view shared query via the url.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
