feat(embedded): add feature flag to disable logout button in embedded contexts

[richardfogaca]

SUMMARY

This PR introduces a new feature flag DISABLE_EMBEDDED_SUPERSET_LOGOUT that hides the logout button when Superset is embedded via iframe in SSO-managed authentication flows.

Use Case: When Superset is embedded within a parent application that manages authentication via SSO, the logout button in Superset becomes problematic:

• Users logging out of Superset while remaining in the parent app creates a confusing experience
• The parent application should control the authentication lifecycle, not the embedded Superset instance
• Clicking logout in the iframe may break the SSO session or cause unexpected behavior

Solution: A feature flag that conditionally hides the logout menu item in the Settings dropdown, allowing administrators to disable logout functionality in embedded deployments while preserving it for standalone use.

Changes:

1. Backend (superset/config.py): Added DISABLE_EMBEDDED_SUPERSET_LOGOUT to DEFAULT_FEATURE_FLAGS with default value False, including @docs annotation linking to documentation
2. Frontend enum (featureFlags.ts): Added DisableEmbeddedSupersetLogout TypeScript enum entry
3. RightMenu component (RightMenu.tsx): Wrapped logout menu item in conditional check using isFeatureEnabled()
4. Tests (RightMenu.test.tsx): Added 2 new tests covering both enabled and disabled states
5. Documentation (docs/docs/configuration/networking-settings.mdx): Added "Hiding the Logout Button in Embedded Contexts" section under HTML Embedding

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

BEFORE (Flag Disabled - Default Behavior):
Settings menu shows the Logout option as expected.

AFTER (Flag Enabled):
Settings menu no longer shows the Logout option - users must log out through the parent application.

TESTING INSTRUCTIONS

Unit Tests

cd superset-frontend
npm run test -- src/features/home/RightMenu.test.tsx

All 9 tests pass, including:

• shows logout button when DISABLE_EMBEDDED_SUPERSET_LOGOUT is false
• hides logout button when DISABLE_EMBEDDED_SUPERSET_LOGOUT is true

Manual Testing

1. Test with flag disabled (default):

   • Start Superset normally
   • Log in and click Settings dropdown
   • Verify "Logout" option is visible

2. Test with flag enabled:

   • Add to superset_config.py:

     FEATURE_FLAGS = {
         'DISABLE_EMBEDDED_SUPERSET_LOGOUT': True,
     }

   • Restart Superset
   • Log in and click Settings dropdown
   • Verify "Logout" option is not visible

3. Test in iframe context:

   • Create a simple HTML page with Superset in an iframe:

     <iframe src="http://localhost:8088" width="100%" height="800"></iframe>

   • With flag enabled, confirm logout is hidden
   • With flag disabled, confirm logout is visible

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags: DISABLE_EMBEDDED_SUPERSET_LOGOUT
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

[bito-code-review]

Code Review Agent Run #9e3d06

Actionable Suggestions - 0

Review Details

• Files reviewed - 5 · Commit Range: 0cef9a3..0cef9a3

  • docs/docs/configuration/networking-settings.mdx
  • superset-frontend/packages/superset-ui-core/src/utils/featureFlags.ts
  • superset-frontend/src/features/home/RightMenu.test.tsx
  • superset-frontend/src/features/home/RightMenu.tsx
  • superset/config.py
• Files skipped - 1

  • docs/static/feature-flags.json - Reason: Filter setting
• Tools

  • Whispers (Secret Scanner) - ✔︎ Successful
  • Detect-secrets (Secret Scanner) - ✔︎ Successful
  • Eslint (Linter) - ✔︎ Successful
  • MyPy (Static Code Analysis) - ✔︎ Successful
  • Astral Ruff (Static Code Analysis) - ✔︎ Successful

---

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

• /review - Manually triggers a full AI review.

• /pause - Pauses automatic reviews on this pull request.

• /resume - Resumes automatic reviews.

• /resolve - Marks all Bito-posted review comments as resolved.

• /abort - Cancels all in-progress reviews.

Refer to the documentation for additional commands.

Configuration

This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.

Documentation & Help

• Customize agent settings
• Review rules
• General documentation
• FAQ

AI Code Review powered by

[netlify]

✅ Deploy Preview for superset-docs-preview ready!

Name	Link
🔨 Latest commit	0cef9a3
🔍 Latest deploy log	https://app.netlify.com/projects/superset-docs-preview/deploys/697aab0c6689670008831c2f
😎 Deploy Preview	https://deploy-preview-37537--superset-docs-preview.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 66.58%. Comparing base (f6f9e08) to head (8404815).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files

@@             Coverage Diff             @@
##           master   #37537       +/-   ##
===========================================
+ Coverage        0   66.58%   +66.58%     
===========================================
  Files           0      643      +643     
  Lines           0    49051    +49051     
  Branches        0     5500     +5500     
===========================================
+ Hits            0    32662    +32662     
- Misses          0    15094    +15094     
- Partials        0     1295     +1295     

Flag	Coverage Δ
hive	41.92% <ø> (?)
mysql	64.64% <ø> (?)
postgres	64.72% <ø> (?)
presto	41.94% <ø> (?)
python	66.55% <ø> (?)
sqlite	64.42% <ø> (?)
unit	100.00% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[bito-code-review]

Code Review Agent Run #9724c4

Actionable Suggestions - 0

Review Details

• Files reviewed - 5 · Commit Range: 0cef9a3..8404815

  • docs/docs/configuration/networking-settings.mdx
  • superset-frontend/packages/superset-ui-core/src/utils/featureFlags.ts
  • superset-frontend/src/features/home/RightMenu.test.tsx
  • superset-frontend/src/features/home/RightMenu.tsx
  • superset/config.py
• Files skipped - 1

  • docs/static/feature-flags.json - Reason: Filter setting
• Tools

  • Whispers (Secret Scanner) - ✔︎ Successful
  • Detect-secrets (Secret Scanner) - ✔︎ Successful

---

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

• /review - Manually triggers a full AI review.

• /pause - Pauses automatic reviews on this pull request.

• /resume - Resumes automatic reviews.

• /resolve - Marks all Bito-posted review comments as resolved.

• /abort - Cancels all in-progress reviews.

Refer to the documentation for additional commands.

Configuration

This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.

Documentation & Help

• Customize agent settings
• Review rules
• General documentation
• FAQ

AI Code Review powered by

[Antonio-RiveroMartnez]

Isn't more aligned with our existing patterns to use a permission for hide/show a menu? Was there any reason why that wouldn't work on embedded envs?