richardfogaca commented on code in PR #37537:
URL: https://github.com/apache/superset/pull/37537#discussion_r2756814065
##########
superset-frontend/src/features/home/RightMenu.tsx:
##########
@@ -489,15 +494,17 @@ const RightMenu = ({
),
});
}
- userItems.push({
- key: 'logout',
- label: (
- <Typography.Link href={navbarRight.user_logout_url}>
- {t('Logout')}
- </Typography.Link>
- ),
- onClick: handleLogout,
- });
+ if (!isFeatureEnabled(FeatureFlag.DisableEmbeddedSupersetLogout)) {
Review Comment:
Good question! The feature flag is actually the right approach here —
permissions are per-role (RBAC), but hiding logout in an embedded deployment is
a system-wide concern, not a per-user one. There's no existing can_logout
permission in FAB, and creating one would conflate authorization with
deployment topology.
There's also direct precedent for this: `MENU_HIDE_USER_INFO` uses a feature
flag for the "Info" item in the same menu (views/base.py:307).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
