From fba93525fb3c5259c4e3e031bf2080c89f1e0e20 Mon Sep 17 00:00:00 2001
From: Ville Brofeldt <ville.brofeldt@apple.com>
Date: Wed, 24 May 2023 11:04:49 +0300
Subject: [PATCH 1/3] chore: remove user registrations menu for non-admins

---
 superset/security/manager.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/superset/security/manager.py b/superset/security/manager.py
index 10f24450a5bf..c803043bb60c 100644
--- a/superset/security/manager.py
+++ b/superset/security/manager.py
@@ -175,6 +175,7 @@ class SupersetSecurityManager(  # pylint: disable=too-many-public-methods
         "RowLevelSecurityFiltersModelView",
         "Security",
         "SQL Lab",
+        "User's Statistics",
     } | USER_MODEL_VIEWS
 
     ALPHA_ONLY_VIEW_MENUS = {

From 9f339bd224fd594f16c6b91b8e3a6b7088ecd086 Mon Sep 17 00:00:00 2001
From: Ville Brofeldt <ville.brofeldt@apple.com>
Date: Tue, 13 Jun 2023 11:27:45 +0300
Subject: [PATCH 2/3] add UPDATING and User Registrations for future proofing

---
 UPDATING.md                  | 1 +
 superset/security/manager.py | 1 +
 2 files changed, 2 insertions(+)

diff --git a/UPDATING.md b/UPDATING.md
index 25a793b3e59c..69d7e4823ddc 100644
--- a/UPDATING.md
+++ b/UPDATING.md
@@ -34,6 +34,7 @@ assists people when migrating to a new version.
 
 ### Breaking Changes
 
+- [24198](https://github.com/apache/superset/pull/24198) The FAB views `User Registrations` and `User's Statistics` have been changed to Admin only. To re-enable them for non-admin users, please add the following perms to your custom role: `menu access on User's Statistics` and `menu access on User Registrations`.
 - [24354](https://github.com/apache/superset/pull/24354): Removed deprecated APIs `/superset/testconn`, `/superset/validate_sql_json/`, `/superset/schemas_access_for_file_upload`, `/superset/extra_table_metadata`
 - [24381](https://github.com/apache/superset/pull/24381): Removed deprecated API `/superset/available_domains/`
 - [24359](https://github.com/apache/superset/pull/24359): Removed deprecated APIs `/superset/estimate_query_cost/..`, `/superset/results/..`, `/superset/sql_json/..`, `/superset/csv/..`
diff --git a/superset/security/manager.py b/superset/security/manager.py
index c803043bb60c..f0bd1151707d 100644
--- a/superset/security/manager.py
+++ b/superset/security/manager.py
@@ -175,6 +175,7 @@ class SupersetSecurityManager(  # pylint: disable=too-many-public-methods
         "RowLevelSecurityFiltersModelView",
         "Security",
         "SQL Lab",
+        "User Registrations",
         "User's Statistics",
     } | USER_MODEL_VIEWS
 

From 664235abb54d038fb94f2c485c2f50f23ea12485 Mon Sep 17 00:00:00 2001
From: Ville Brofeldt <ville.brofeldt@apple.com>
Date: Tue, 13 Jun 2023 12:50:17 +0300
Subject: [PATCH 3/3] bump fab

---
 requirements/base.txt | 2 +-
 setup.py              | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index 148be94e12c7..b72d55595780 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -88,7 +88,7 @@ flask==2.2.5
     #   flask-migrate
     #   flask-sqlalchemy
     #   flask-wtf
-flask-appbuilder==4.3.0
+flask-appbuilder==4.3.2
     # via apache-superset
 flask-babel==1.0.0
     # via flask-appbuilder
diff --git a/setup.py b/setup.py
index d8adea3285a2..c7c7c18df2e6 100644
--- a/setup.py
+++ b/setup.py
@@ -81,7 +81,7 @@ def get_git_sha() -> str:
         "cryptography>=39.0.1, <40",
         "deprecation>=2.1.0, <2.2.0",
         "flask>=2.2.5, <3.0.0",
-        "flask-appbuilder>=4.3.0, <5.0.0",
+        "flask-appbuilder>=4.3.2, <5.0.0",
         "flask-caching>=1.10.1, <1.11",
         "flask-compress>=1.13, <2.0",
         "flask-talisman>=1.0.0, <2.0",