GitHub user dosubot[bot] added a comment to the discussion: Multi-Tenant User management
<!-- Answer --> Yes, the roles dropdown in the add/edit user UI is populated by the `/api/v1/security/roles/` endpoint ([source](https://github.com/apache/superset/blob/050ccdcb3dd84f3ae6e301d61021e72474e754d7/superset-frontend/src/pages/UsersList/index.tsx)). The frontend fetches all roles from this endpoint and passes them to the modal for user creation/editing. If you’ve set up query filters in `superset_config.py`, those only affect some UI lists, not the roles shown in the add/edit modal—because the modal fetches directly from the backend API, which by default returns all roles. To restrict which roles appear in the dropdown, you’ll need to enforce filtering at the backend API level (for example, by customizing the RoleRestAPI or your security manager) so that only the allowed roles are returned for the current user ([source](https://github.com/apache/superset/blob/050ccdcb3dd84f3ae6e301d61021e72474e754d7/superset/security/api.py)). There’s no built-in way to restrict assignable roles in the add/edit UI based on the current user’s permissions—this requires backend customization. <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/c17dd747-e635-467b-9354-ad5157d8daaf?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/c17dd747-e635-467b-9354-ad5157d8daaf?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/c17dd747-e635-467b-9354-ad5157d8daaf?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/c17dd747-e635-467b-9354-ad5157d8daaf?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/c17dd747-e635-467b-9354-ad5157d8daaf?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/c17dd747-e635-467b-9354-ad5157d8daaf?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/c17dd747-e635-467b-9354-ad5157d8daaf?feedback_type=other)</sup> [](https://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/discussions/33877) GitHub link: https://github.com/apache/superset/discussions/33877#discussioncomment-13627712 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
