docs: Add minimal set of permissions required for public dashboards#36025
docs: Add minimal set of permissions required for public dashboards#36025dgarciabriseno wants to merge 1 commit into
Conversation
Code Review Agent Run #732b87Actionable Suggestions - 0Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help AI Code Review powered by |
![korbit-ai[bot]](https://avatars.githubusercontent.com/in/322216?s=60&v=4){kind=small}
There was a problem hiding this comment.
I've completed my review and didn't find any issues.
Files scanned
| File Path | Reviewed |
|---|---|
| docs/docs/configuration/networking-settings.mdx | ✅ |
Explore our documentation to understand the languages and file types we support and the files we ignore.
Check out our docs on how you can make Korbit work best for you and your team.
|
Great idea, thank you! I should be able to review |
sfirke
left a comment
sfirke
left a comment
There was a problem hiding this comment.
I like this idea but I don't think this set of permissions is sufficient. I created a new role with these seven permissions, then gave a dashboard that role and tried to view it in a private browsing window where I wasn't signed in. It didn't work - I was redirected to login.
I have a functional Public role that I've used for several years. It has 31 permissions. I wonder if not all 31 are needed and the minimal set is between yours and mine?
I'm happy to re-review if you can expand this to a set such that once that role is added, I can view the dashboard while logged out.
|
See for example this list of permissions, it is much longer than yours: https://gist.github.com/byk0t/bd6e9c3839967b4ac28a8da30f468b2a |
|
Thanks for verifying this. I'll need to double check my permissions when I'm back at work.
I have a 5.0.0 instance running that I demo'd this morning by opening a private browsing window and it worked fine.
…On November 14, 2025 7:05:14 PM UTC, Sam Firke ***@***.***> wrote:
@sfirke requested changes on this pull request.
I like this idea but I don't think this set of permissions is sufficient. I created a new role with these seven permissions, then gave a dashboard that role and tried to view it in a private browsing window where I wasn't signed in. It didn't work - I was redirected to login.
I have a functional Public role that I've used for several years. It has 31 permissions. I wonder if not all 31 are needed and the minimal set is between yours and mine?
I'm happy to re-review if you can expand this to a set such that once that role is added, I can view the dashboard while logged out.
--
Reply to this email directly or view it on GitHub:
#36025 (review)
You are receiving this because you authored the thread.
Message ID: ***@***.***>
|
|
Maybe it's my charts? |
|
Maybe my extra permissions are for other aspects of dashboard interactions. E.g., does your set of permissions allow the public user to filter on a time range? |
|
No, mine doesn't have any interactions really, just view only. |
|
Here's my list of permissions for the public role: I don't have any documentation about what each does, but I think a lot of that might be to make filtering and other interactions work. |
|
@dgarciabriseno - I just discussed this in the monthly Documentation meeting and the consensus was to go farther and add a new role to Superset, so that admins can just assign it rather than having to create one based on the docs. The way we have Gamma and Alpha already extant in Superset, we'd have Public that way too. Probably with the set of permissions I posted above, unless there are ones you think should be removed. My question for you: would you like to take on that work? I don't mean to deprive you of the opportunity to contribute to Superset. Or, if this feels like more than you wanted to sign up for, I'm willing to do this myself. Just let me know! |
|
the task is all yours. I just wanted to add things I had to figure out on my own to the docs. Adding a preinstalled role takes all the guesswork out for sure. It should still be documented which capabilities are granted to the public role by default.
for the bigger set of permissions, why does it need:
- can_write on DashboardFilterStateRestApi
- can_explore_json on Superset
- can_sql_json on Superset
I'm wondering why the public role should have any "write" permission, and I'm curious which features are enabled by allowing explore and sql (like are those just needed to be able to interact with the charts?) The others I think make sense and don't look harmful.
Main thing I kind of hinted at about all these permissions is that it's not that clear how the permissions map to end user capabilities. They kind of make sense when you look at the superset API, but not so much when you're working in the app (like trying to figure out what you need for a public user).
Sorry if formatting is bad, I'm replying to the github email.
…On November 18, 2025 6:26:19 PM UTC, Sam Firke ***@***.***> wrote:
sfirke left a comment (apache/superset#36025)
@dgarciabriseno - I just discussed this in the monthly Documentation meeting and the consensus was to go farther and add a new role to Superset, so that admins can just assign it rather than having to create one based on the docs. The way we have Gamma and Alpha already extant in Superset, we'd have Public that way too. Probably with the set of permissions I posted above, unless there are ones you think should be removed.
My question for you: would you like to take on that work? I don't mean to deprive you of the opportunity to contribute to Superset. Or, if this feels like more than you wanted to sign up for, I'm willing to do this myself. Just let me know!
--
Reply to this email directly or view it on GitHub:
#36025 (comment)
You are receiving this because you were mentioned.
Message ID: ***@***.***>
|
This PR adds a new built-in "Public" role to Superset, designed for anonymous/unauthenticated users who need to view dashboards. The Public role is more restrictive than Gamma and provides sensible defaults for public-facing dashboard deployments. Key features: - New PUBLIC_ROLE_PERMISSIONS set defining minimal dashboard viewing permissions - New _is_public_pvm() method to determine Public role permissions - Public role is now created during sync_role_definitions() - Users can set PUBLIC_ROLE_LIKE = "Public" to use these safe defaults The Public role includes: - Dashboard and chart viewing - Interactive dashboard filters (read + write filter state) - Dashboard permalinks - Embedded dashboard support - Datasource metadata for chart rendering The Public role explicitly excludes: - Write permissions on dashboards, charts, datasets - SQL Lab access - Share functionality - User profile/admin features - Menu access to most features This addresses the concerns raised in #36025 where PUBLIC_ROLE_LIKE = "Gamma" grants excessive permissions including write and delete capabilities that are inappropriate for public access. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This PR adds a new built-in "Public" role to Superset, designed for anonymous/unauthenticated users who need to view dashboards. The Public role is more restrictive than Gamma and provides sensible defaults for public-facing dashboard deployments. Key features: - New PUBLIC_ROLE_PERMISSIONS set defining minimal dashboard viewing permissions - New _is_public_pvm() method to determine Public role permissions - Public role is now created during sync_role_definitions() - Users can set PUBLIC_ROLE_LIKE = "Public" to use these safe defaults The Public role includes: - Dashboard and chart viewing - Interactive dashboard filters (read + write filter state) - Dashboard permalinks - Embedded dashboard support - Datasource metadata for chart rendering The Public role explicitly excludes: - Write permissions on dashboards, charts, datasets - SQL Lab access - Share functionality - User profile/admin features - Menu access to most features This addresses the concerns raised in #36025 where PUBLIC_ROLE_LIKE = "Gamma" grants excessive permissions including write and delete capabilities that are inappropriate for public access. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
FYI this is being continued and expanded over in github.com//pull/36548. Looks promising so far 🙏 Thanks @dgarciabriseno for getting this started! |
2 participants
SUMMARY
Updates the superset documentation on public dashboards to list the minimal set of requirements needed
to make public dashboards work.
Prior to this change, the suggestion is to initialize your superset instance with
PUBLIC_ROLE_LIKE = "Gamma"butGamma permissions are too permissive, with things like write and delete permissions, for a public role.
This is purely a documentation change. I found this set of permissions by starting with all Gamma permissions and deleting permissions until I found the minimal permissions required to have a functional public dashboard without granting excess permissions.
ADDITIONAL INFORMATION