Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Native App Chairlift Issue with Streamlit Permissions #1702

Open
sfc-gh-acarson opened this issue Nov 4, 2024 · 0 comments
Open

Native App Chairlift Issue with Streamlit Permissions #1702

sfc-gh-acarson opened this issue Nov 4, 2024 · 0 comments

Comments

@sfc-gh-acarson
Copy link

Describe the bug
The Native App Quickstart Build a Snowflake Native App to Analyze Chairlift Sensor Data creates a Native App with three sections (Dashboard, Configuration, Sensor Data) and three roles to use the app (CHAIRLIFT_VIEWER, CHAIRLIFT_ADMIN).

CHAIRLIFT_ADMIN should have visibility into all apps/tabs (Dashboard, Configuration, Sensor Data) and CHAIRLIFT_VIEWER should only have access to Dashboard and Sensor Data tabs. However, CHAIRLIFT_VIEWER can see all three (Dashboard, Configuration, Sensor Data), even without USAGE privilege from the underlying application role.

The privileges to the above account-level roles are delegated through the application roles chairlift_app.APP_ADMIN and chairlift_app.APP_VIEWER.

[https://quickstarts.snowflake.com/guide/native-app-chairlift/index.html?index=..%2F..index#9]

show grants to application role chairlift_app.APP_ADMIN;
show grants to application role chairlift_app.APP_VIEWER;
show grants to role chairlift_viewer;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sfc-gh-acarson