dosubot[bot] commented on issue #34677: URL: https://github.com/apache/superset/issues/34677#issuecomment-3184709245
<!-- Answer --> This bug has been confirmed and was recently fixed in a merged pull request ([#30224](https://github.com/apache/superset/pull/30224)). The root cause was that the Celery async job sometimes lacked the guest_token in its metadata, causing the worker to treat GuestToken users as anonymous and fail permission checks. The fix ensures that when a GuestToken user triggers an async task, the guest_token is included in the job metadata and used to reconstruct the correct user context in the Celery worker. The current implementation of `_load_user_from_job_metadata` already supports loading users by both user_id and guest_token, so if the guest_token is present, GuestToken users are handled correctly ([source](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/tasks/async_queries.py)). The async query manager also ensures the guest_token is passed when needed ([source](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/async_events/async_query_manager.py)). There is no configuration option or feature flag to disable async queries specifically for GuestToken users as of Superset 5.0. To resolve this, upgrade to a Superset version that includes the fix from PR [#30224](https://github.com/apache/superset/pull/30224), or backport the relevant changes if you cannot upgrade. For reference, a similar issue and workaround for embedded dashboards with async queries is discussed in [this issue](https://github.com/apache/superset/issues/34611). <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/2209b162-a1e9-4063-9d65-12d4ba2ff64a?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/2209b162-a1e9-4063-9d65-12d4ba2ff64a?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/2209b162-a1e9-4063-9d65-12d4ba2ff64a?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/2209b162-a1e9-4063-9d65-12d4ba2ff64a?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/2209b162-a1e9-4063-9d65-12d4ba2ff64a?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/2209b162-a1e9-4063-9d65-12d4ba2ff64a?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/2209b162-a1e9-4063-9d65-12d4ba2ff64a?feedback_type=other)</sup> [](https://app.dosu.dev/a28d3c7e-a9d3-459e-9fb6-3a6f9ff4f357/ask?utm_source=githu b) [](https://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/issues/34677) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
