fix(roles): Add missing SQLLab permissions for estimate and format#36263
Merged
Conversation
Contributor
Code Review Agent Run #7faa80Actionable Suggestions - 0Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help AI Code Review powered by |
shunki-fujita
force-pushed
the
fix-sql-lab-permissions
branch
from
e7b2877 to
1b0a17f
Compare
Signed-off-by: shunki-fujita <shunki-fujita@cybozu.co.jp>
shunki-fujita
force-pushed
the
fix-sql-lab-permissions
branch
from
1b0a17f to
2aa3f8c
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #36263 +/- ##
===========================================
+ Coverage 0 67.97% +67.97%
===========================================
Files 0 634 +634
Lines 0 46727 +46727
Branches 0 5070 +5070
===========================================
+ Hits 0 31763 +31763
- Misses 0 13697 +13697
- Partials 0 1267 +1267
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
betodealmeida
approved these changes
Nov 27, 2025
Member
|
Looks like pre-commit is failing, which should clear up CI (or at least some of it) Superset uses Git pre-commit hooks courtesy of pre-commit. To install run the following: A series of checks will now run when you make a git commit. Alternatively it is possible to run pre-commit by running pre-commit manually: |
Contributor
|
CodeAnt AI is reviewing your PR. |
codeant-ai-for-open-source
Bot
added
the
size:XS
Contributor
Nitpicks 🔍
|
Contributor
|
CodeAnt AI finished reviewing your PR. |
Member
|
Running CI... if it turns green, I reckon we can merge! |
sadpandajoe
added
the
v6.0
Facyla
pushed a commit
to Facyla/superset-contrib
that referenced
this pull request
Dec 16, 2025
isaac-jaynes-imperva
pushed a commit
to isaac-jaynes-imperva/superset
that referenced
this pull request
Mar 3, 2026
…pache#36263) (cherry picked from commit 440cbc4)
rusackas
pushed a commit
that referenced
this pull request
Apr 17, 2026
- theming.mdx: document brandAppName theme token (PR #37370) — controls app name in browser title/nav/emails, takes precedence over APP_NAME config - cache.mdx: document SUPERSET_CACHE_WARMUP_USER config key (PR #38449) — controls the user account Selenium WebDriver authenticates as for thumbnail rendering and cache warmup; update selenium → Selenium capitalization - security.mdx: document missing SQL Lab RBAC permissions (PR #36263) — can_estimate_query_cost and can_format_sql must be explicitly granted - sql-templating.mdx: document Jinja support in calculated columns (PR #37791) with examples; add tip that "Format SQL" is Jinja-aware and dialect-specific (PRs #36277, #39393) - creating-your-first-dashboard.mdx: document dashboard tab URLs (#38660), auto-refresh (#37459), "Last queried at" timestamp (#36934), and tab selection when saving charts to dashboards (#36332) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
6 tasks
rusackas
pushed a commit
that referenced
this pull request
Apr 22, 2026
- theming.mdx: document brandAppName theme token (PR #37370) — controls app name in browser title/nav/emails, takes precedence over APP_NAME config - cache.mdx: document SUPERSET_CACHE_WARMUP_USER config key (PR #38449) — controls the user account Selenium WebDriver authenticates as for thumbnail rendering and cache warmup; update selenium → Selenium capitalization - security.mdx: document missing SQL Lab RBAC permissions (PR #36263) — can_estimate_query_cost and can_format_sql must be explicitly granted - sql-templating.mdx: document Jinja support in calculated columns (PR #37791) with examples; add tip that "Format SQL" is Jinja-aware and dialect-specific (PRs #36277, #39393) - creating-your-first-dashboard.mdx: document dashboard tab URLs (#38660), auto-refresh (#37459), "Last queried at" timestamp (#36934), and tab selection when saving charts to dashboards (#36332) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
qfcwell
pushed a commit
to qfcwell/superset
that referenced
this pull request
May 12, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
User description
Signed-off-by: shunki-fujita shunki-fujita@cybozu.co.jp
Close: #36261
SUMMARY
In Superset 5.0.0, the built-in sql_lab role does not include the required SQL Lab permissions:
BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
TESTING INSTRUCTIONS
ADDITIONAL INFORMATION
CodeAnt-AI Description
Grant sql_lab role permission to estimate query cost and format SQL in SQL Lab
What Changed
Impact
✅ Can estimate query cost in SQL Lab✅ Can auto-format SQL in SQL Lab✅ Fewer SQL Lab permission errors for users with the built-in sql_lab role💡 Usage Guide
Checking Your Pull Request
Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.
Talking to CodeAnt AI
Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:
This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.
Example
Preserve Org Learnings with CodeAnt
You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:
This helps CodeAnt AI learn and adapt to your team's coding style and standards.
Example
Retrigger review
Ask CodeAnt AI to review the PR again, by typing:
Check Your Repository Health
To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.