View-only users cannot execute queries with parameters
See original GitHub issueIssue Summary
Not an issue maybe, but at least a problematic behaviour for us.
Steps to Reproduce
- Create a query with query parameters
- Set the datasource for this query to a datasource where another user has only the view-only permission
- With this other user, try to inject parameters and then click the refresh button
- See this error message
I expect it to be okay (or at least that can be allowed) to execute queries with query parameters for view-only users.
Technical details:
- Redash Version:
0.11.0+b1959
- Browser/OS: Chrome / OS X
- How did you install Redash: AMI
Issue Analytics
- State:
- Created 7 years ago
- Reactions:1
- Comments:15 (5 by maintainers)
Top Results From Across the Web
Unsafe Parameters Error for View Only Users - Support
Due to their View Only permissions (read-only access to the datasource), the cannot use the dashboards as they receive an error “this query...
Read more >Permissions for Queries | ClickHouse Docs
KILL QUERY . The following settings regulate user permissions by the type of query: readonly. Restricts permissions for read data, write data, and...
Read more >Restricting access to Systems Manager parameters using IAM ...
When using IAM policies to restrict access to Systems Manager parameters, we recommend that you create and use restrictive IAM policies.
Read more >Edit data in a query - Microsoft Support
You may encounter situations where you cannot edit data in query Datasheet view to ... Open Read-Only; or, if the database is located...
Read more >cannot execute CREATE TABLE in a read-only transaction ...
SQL Error: 0, SQLState: 25006 ERROR: cannot execute UPDATE in a read-only transaction. Verified Database access by running below query and ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Why was this ticket closed? As far as I can see this problem still remains.
I needed to organize my groups into 3 categories :
This is what I did in database in order to achieve my organisation, all the values concern the table
groups
and the columnpermissions
{admin,super_admin,create_dashboard,create_query,edit_dashboard,edit_query,view_query,view_source,execute_query,list_users,schedule_query,list_dashboards,list_alerts,list_data_sources}
{}
{list_dashboards,view_query,execute_query}
In order to be able to run parametrized queries as a member of the readonly group, you need to define the datasources for the group as
Full Access
or it won’t work!Hope this helps 👍