fix(sqllab): remove link to sqllab if missing perms

[villebro]

SUMMARY

Currently the "View in SQL Lab" option is available in the Dataset menu in Explore view even when the user doesn't belong to the sql_lab role. In addition, SQL Lab is accessible (albeit doesn't work properly) when the necessary permissions are missing.

This PR does the following:

• Removes the "View in SQL Lab" option from the Dataset menu
• Redirects the user to the welcome page when trying to access SQL Lab without necessary permissions.
• Remove "Saved Queries" from Welcome page if user is missing sql_lab role

AFTER

Now when a user that doesn't have the sql_lab role will no longer see the "View in SQL Lab" menu item:

For admin and users with sql_lab role the menu is unchanged:

When attempting to access SQL Lab without correct perms via a direct URL, the user gets redirected to the welcome page with an error toast. Also, the welcome page doesn't show the "Saved Queries" section if the user doesn't belong to the sql_lab role (we could optionally check the specific perms for saved queries, but maybe we can do that in a follow up if that's really needed):

Note that due to the way we're currently caching bootstrap data, toasts don't always appear correctly (they can appear delayed or not get cleared after displaying). I will follow up separately to fix this.

TESTING INSTRUCTIONS

For testing instructions, please see the following comment in this PR: #22566 (comment)

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags:
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

[codecov]

Codecov Report

Merging #22566 (e317744) into master (a7a4561) will increase coverage by 0.10%.
The diff coverage is 64.28%.

@@            Coverage Diff             @@
##           master   #22566      +/-   ##
==========================================
+ Coverage   66.91%   67.02%   +0.10%     
==========================================
  Files        1851     1859       +8     
  Lines       70709    71046     +337     
  Branches     7766     7771       +5     
==========================================
+ Hits        47316    47619     +303     
- Misses      21371    21404      +33     
- Partials     2022     2023       +1     

Flag	Coverage Δ
hive	52.61% <100.00%> (+0.14%)	⬆️
javascript	53.86% <59.45%> (+<0.01%)	⬆️
mysql	78.02% <100.00%> (+0.06%)	⬆️
postgres	78.09% <100.00%> (+0.06%)	⬆️
presto	52.51% <100.00%> (+0.15%)	⬆️
python	81.35% <100.00%> (+0.08%)	⬆️
sqlite	76.47% <100.00%> (-0.03%)	⬇️
unit	51.47% <60.00%> (+0.28%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
.../src/views/CRUD/data/savedquery/SavedQueryList.tsx	63.30% <ø> (ø)
...-frontend/src/views/CRUD/welcome/ActivityTable.tsx	41.81% <28.57%> (-0.29%)	⬇️
...perset-frontend/src/views/CRUD/welcome/Welcome.tsx	71.18% <59.09%> (+0.49%)	⬆️
...set-frontend/src/dashboard/util/permissionUtils.ts	86.66% <80.00%> (-3.34%)	⬇️
...re/components/controls/DatasourceControl/index.jsx	84.90% <100.00%> (+0.29%)	⬆️
superset/security/manager.py	95.77% <100.00%> (+0.01%)	⬆️
superset/dashboards/filter_state/commands/utils.py	80.00% <0.00%> (-10.00%)	⬇️
...uperset/dashboards/filter_state/commands/delete.py	91.30% <0.00%> (-4.35%)	⬇️
superset/databases/commands/update.py	75.86% <0.00%> (-4.14%)	⬇️
...uperset/dashboards/filter_state/commands/update.py	96.66% <0.00%> (-3.34%)	⬇️
... and 39 more

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[zhaoyongjie]

/testenv up

[github-actions]

@zhaoyongjie Ephemeral environment spinning up at http://18.236.102.188:8080. Credentials are admin/admin. Please allow several minutes for bootstrapping and startup.

[villebro]

/testenv up

[github-actions]

@villebro Ephemeral environment spinning up at http://34.219.163.111:8080. Credentials are admin/admin. Please allow several minutes for bootstrapping and startup.

[dpgaspar]

This probably makes more sense to fix on security manager, where all roles are created

[villebro]

Good idea, I'll move it over 👍

[kgabryje]

Frontend part looks great to me!

[villebro]

/testenv up

[github-actions]

@villebro Ephemeral environment spinning up at http://54.187.147.88:8080. Credentials are admin/admin. Please allow several minutes for bootstrapping and startup.

[villebro]

For testing I've created the following users on the eph env:

UID: gamma
PWD: gamma
Test case: directly accessing /superset/sqllab redirects to welcome page with an error toast and "View in SQL Lab" is missing in Dataset menu:

UID: sqlgamma
PWD: sqlgamma
Test case: SQL Lab works and "View in SQL Lab" is present in Dataset menu:

[villebro]

TODO: these should probably be moved to a general util outside the dashboard section, but refactoring it seems outside the scope of this PR

[villebro]

The gamma_sqllab test user has both Gamma and sql_lab roles.

[dpgaspar]

did we had to change this user for the tests to pass?

[villebro]

/testenv up

[github-actions]

@villebro Ephemeral environment spinning up at http://35.89.82.98:8080. Credentials are admin/admin. Please allow several minutes for bootstrapping and startup.

[villebro]

FYI, I've recreated the ephemeral environment with the same test users as previously (same UID/PWD):

• admin: the regular admin user
• gamma: gamma user with access to Examples database
• sqlgamma: gamma user with access to Examples database and sql_lab role

The users that have access to SQL Lab also have a saved query which one should be able to see from the Welcome page

[zhaoyongjie]

Test in the ephemeral env and it works as expected. Thanks for lots of refactor codes. LGTM.

[dpgaspar]

did we had to change this user for the tests to pass?

[kgabryje]

Re-tested after latest changes, LGTM!

[github-actions]

Ephemeral environment shutdown and build artifacts deleted.