fix: Change dataset name affect data access role set to this dataset

apache · Jun 30, 2022 · 2a7f159 · 2a7f159
1 parent f29cde2
commit 2a7f159
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 6 deletions.
diff --git a/superset/security/manager.py b/superset/security/manager.py
@@ -946,13 +946,25 @@ def set_perm(  # pylint: disable=unused-argument
         except DatasetInvalidPermissionEvaluationException:
             logger.warning("Dataset has no database refusing to set permission")
             return
+        permission_table = self.permission_model.__table__  # pylint: disable=no-member
+        view_menu_table = self.viewmenu_model.__table__  # pylint: disable=no-member
         link_table = target.__table__
         if target.perm != target_get_perm:
             connection.execute(
                 link_table.update()
                 .where(link_table.c.id == target.id)
                 .values(perm=target_get_perm)
             )
+            connection.execute(
+                permission_table.update()
+                .where(permission_table.c.name == target.perm)
+                .values(name=target_get_perm)
+            )
+            connection.execute(
+                view_menu_table.update()
+                .where(view_menu_table.c.name == target.perm)
+                .values(name=target_get_perm)
+            )
             target.perm = target_get_perm
 
         if (
@@ -981,17 +993,11 @@ def set_perm(  # pylint: disable=unused-argument
             pv = None
 
             if not permission:
-                permission_table = (
-                    self.permission_model.__table__  # pylint: disable=no-member
-                )
                 connection.execute(
                     permission_table.insert().values(name=permission_name)
                 )
                 permission = self.find_permission(permission_name)
             if not view_menu:
-                view_menu_table = (
-                    self.viewmenu_model.__table__  # pylint: disable=no-member
-                )
                 connection.execute(view_menu_table.insert().values(name=view_menu_name))
                 view_menu = self.find_view_menu(view_menu_name)
 

diff --git a/tests/integration_tests/security_tests.py b/tests/integration_tests/security_tests.py
@@ -185,6 +185,7 @@ def test_set_perm_sqla_table(self):
         )
 
         # table name change
+        orig_table_perm = stored_table.perm
         stored_table.table_name = "tmp_perm_table_v2"
         session.commit()
         stored_table = (
@@ -193,6 +194,11 @@ def test_set_perm_sqla_table(self):
         self.assertEqual(
             stored_table.perm, f"[examples].[tmp_perm_table_v2](id:{stored_table.id})"
         )
+        self.assertIsNone(
+            security_manager.find_permission_view_menu(
+                "datasource_access", orig_table_perm
+            )
+        )
         self.assertIsNotNone(
             security_manager.find_permission_view_menu(
                 "datasource_access", stored_table.perm