Skip to content

Commit

Permalink
Moving the custom_password_store out of Database class (#4182)
Browse files Browse the repository at this point in the history
  • Loading branch information
fabianmenges authored and mistercrunch committed Jan 9, 2018
1 parent 22bdd9e commit 23c9829
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 5 deletions.
9 changes: 5 additions & 4 deletions superset/models/core.py
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@
from urllib import parse # noqa

config = app.config
custom_password_store = config.get('SQLALCHEMY_CUSTOM_PASSWORD_STORE')
stats_logger = config.get('STATS_LOGGER')
metadata = Model.metadata # pylint: disable=no-member

Expand Down Expand Up @@ -567,7 +568,7 @@ class Database(Model, AuditMixinNullable, ImportMixin):
}
"""))
perm = Column(String(1000))
custom_password_store = config.get('SQLALCHEMY_CUSTOM_PASSWORD_STORE')

impersonate_user = Column(Boolean, default=False)
export_fields = ('database_name', 'sqlalchemy_uri', 'cache_timeout',
'expose_in_sqllab', 'allow_run_sync', 'allow_run_async',
Expand Down Expand Up @@ -611,7 +612,7 @@ def get_password_masked_url(cls, url):

def set_sqlalchemy_uri(self, uri):
conn = sqla.engine.url.make_url(uri.strip())
if conn.password != PASSWORD_MASK and not self.custom_password_store:
if conn.password != PASSWORD_MASK and not custom_password_store:
# do not over-write the password with the password mask
self.password = conn.password
conn.password = PASSWORD_MASK if conn.password else None
Expand Down Expand Up @@ -803,8 +804,8 @@ def get_foreign_keys(self, table_name, schema=None):
@property
def sqlalchemy_uri_decrypted(self):
conn = sqla.engine.url.make_url(self.sqlalchemy_uri)
if self.custom_password_store:
conn.password = self.custom_password_store(conn)
if custom_password_store:
conn.password = custom_password_store(conn)
else:
conn.password = self.password
return str(conn)
Expand Down
4 changes: 3 additions & 1 deletion tests/core_tests.py
Original file line number Diff line number Diff line change
Expand Up @@ -315,11 +315,13 @@ def test_custom_password_store(self):
def custom_password_store(uri):
return 'password_store_test'

database.custom_password_store = custom_password_store
models.custom_password_store = custom_password_store
conn = sqla.engine.url.make_url(database.sqlalchemy_uri_decrypted)
if conn_pre.password:
assert conn.password == 'password_store_test'
assert conn.password != conn_pre.password
# Disable for password store for later tests
models.custom_password_store = None

def test_databaseview_edit(self, username='admin'):
# validate that sending a password-masked uri does not over-write the decrypted
Expand Down

0 comments on commit 23c9829

Please sign in to comment.