fix: SQLLab role permissions #14372
Merged
fix: SQLLab role permissions #14372
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report
@@ Coverage Diff @@
## master #14372 +/- ##
==========================================
- Coverage 77.12% 76.88% -0.24%
==========================================
Files 954 954
Lines 48158 48159 +1
Branches 5991 5991
==========================================
- Hits 37140 37026 -114
- Misses 10821 10936 +115
Partials 197 197
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
|
willbarrett
reviewed
Apr 27, 2021
| and pvm.permission.name == "can_list" | ||
| ) | ||
| ) | ||
| return (pvm.permission.name, pvm.view_menu.name) in self.SQLLAB_PERMISSION_VIEWS |
There was a problem hiding this comment.
It appears that this removes self.USER_MODEL_VIEWS can_list permission - am I misreading?
There was a problem hiding this comment.
You're not, I could not find any valid reason for this permission. My guess is that it's a left over from the old Query History view, that view was populating a user dropdown list.
We now use: /api/v1/query/related/user
dpgaspar
deleted the
danielgaspar/ch8253/sqllab-role-is-missing-permissions
branch
amitmiran137
added a commit
to nielsen-oss/superset
that referenced
this pull request
May 3, 2021
* master: (38 commits) refactor(native-filters): allow cascading only for filter_select (apache#14441) test(maximize-chart): Add tests to maximize chart action (apache#14371) fix: fixing mysql error message (apache#14416) feat: Logic added to limiting factor column in Query model (apache#13521) change relationship (apache#14435) fix: bootstrap data permissions (apache#14348) fix: parse simple string error message values (apache#14360) chore: add stack trace to all calls of logger.error (apache#14382) update README with new docs and recordings (apache#14432) Renamed impyla from implya in impala.mdx and Renamed PIP package impyla from impala in index.mdx (apache#14425) fix(native-filters): fix filter scope error (apache#14426) feat: Adding limiting_factor column to Query model (apache#14234) feat: Add etag caching to dashboard APIs (apache#14357) chore: Moves Card to the components folder (apache#14139) feat: Dynamic imports for the Icons component (apache#14318) feat: Support env vars configuration for WebSocket server (apache#14398) fix: SQLLab role permissions (apache#14372) fix(native-filters): always show filters without dataset (apache#14409) fix error getting partitionQuery from table.partition (apache#14369) refactor: Boostrap to AntD - Tabs (apache#14048) ...
QAlexBall
pushed a commit
to QAlexBall/superset
that referenced
this pull request
Dec 29, 2021
* fix: SQLLab role permissions * add missing perm * fix tests * fix security test * fix security test * fix tests
mistercrunch
added
🏷️ bot
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
Fixes SQLLab role permissions, missing access to fetching database function names. Opted for declaring explicitly the necessary permissions that make up SQLLab role.
Previously a user with SQLLab role (could be Gamma + SQLLab), would see the following toast:
ADDITIONAL INFORMATION