-
Notifications
You must be signed in to change notification settings - Fork 13.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to set role permissions for new schema unless a new connection is created. #29299
Comments
Hey @MialLewis! I'm here to help you with bugs, questions, and becoming a contributor. Let's squash some bugs together! 🐛 To set role permissions for a new schema in Apache Superset without creating a new connection, you can use the Here is an example of how you can set schema access permissions for a role: from superset import security_manager
from superset.models.core import Database
from superset.models.sql_lab import SqlaTable
# Define the role name and the schema permission
role_name = "your_role_name"
database_name = "your_database_name"
schema_name = "your_schema_name"
schema_permission = security_manager.get_schema_perm(database_name, None, schema_name)
# Create the schema permission view menu
security_manager.add_permission_view_menu("schema_access", schema_permission)
# Find the permission view
permission_view = security_manager.find_permission_view_menu("schema_access", schema_permission)
# Add the permission to the role
role = security_manager.find_role(role_name)
security_manager.add_permission_role(role, permission_view)
# Commit the changes to the database
db.session.commit() In this example:
This approach allows you to set role permissions for a new schema without creating a new connection. Additionally, the Additionally, Apache Superset handles schema caching through the export function useSchemas(options: Params) {
const { dbId, catalog, onSuccess, onError } = options || {};
const [trigger] = useLazySchemasQuery();
const result = useSchemasQuery(
{ dbId, catalog: catalog || undefined, forceRefresh: false },
{
skip: !dbId,
},
);
const fetchData = useEffectEvent(
(
dbId: FetchSchemasQueryParams['dbId'],
catalog: FetchSchemasQueryParams['catalog'],
forceRefresh = false,
) => {
if (dbId && (!result.currentData || forceRefresh)) {
trigger({ dbId, catalog, forceRefresh }).then(
({ isSuccess, isError, data }) => {
if (isSuccess) {
onSuccess?.(data || EMPTY_SCHEMAS, forceRefresh);
}
if (isError) {
onError?.();
}
},
);
}
},
);
useEffect(() => {
fetchData(dbId, catalog, false);
}, [dbId, catalog, fetchData]);
const refetch = useCallback(() => {
fetchData(dbId, catalog, true);
}, [dbId, catalog, fetchData]);
return {
...result,
refetch,
};
} This hook allows you to force refresh the schema list by calling the |
Hello @MialLewis, I am facing the same issue. However, I worked around it by going to the database connections where you configure your database and clicking on Additionally, I think this bug could be resolved by implementing an auto-refresh feature in Superset. |
|
@MialLewis What type of database connection did you use? |
Bug description
I have a Trino database which is made available through
connection1
. If I create a new schema on this database, I cannot give users permission to access this schema via theirrole
.When navigating to
Settings
>List Roles
>Edit Record
, in thePermissions
field I cannot see the new schema, only schema that existed before the creation ofconnection1
.If I now create a new connection,
connection2
, which is exactly the same asconnection1
, I can see the new schema,This bug was discussed last year here: https://lists.apache.org/thread/bqogccdg3wdjkjsgytsqw1ylsmps756v
And now here: https://github.com/konzainc/konza-kube/issues/375
How to reproduce the bug
test_connection_1
(other db's not tested).test_schema
throughSQL Lab
.Settings
>List Roles
>Edit Record
. In the permissions field search fortest_schema
, which will not be foundtest_connection_2
.test_schema
is found throughtest_connection_2
.Screenshots/recordings
No response
Superset version
3.1.3
Python version
3.10
Node version
I don't know
Browser
Firefox
Additional context
No response
Checklist
The text was updated successfully, but these errors were encountered: