Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: dataset name change and permission change #21161

Merged
merged 38 commits into from
Aug 31, 2022
Merged

fix: dataset name change and permission change #21161

Show file tree
Hide file tree
Changes from 36 commits
Commits
Show all changes
38 commits
Select commit Hold shift + click to select a range
1912a3e
fix: dataset name change and permission change
dpgaspar Aug 23, 2022
efcbc50
fix lint
dpgaspar Aug 23, 2022
37fc290
fix test
dpgaspar Aug 24, 2022
f67a130
fix test
dpgaspar Aug 24, 2022
d5f05a1
fix test
dpgaspar Aug 24, 2022
9af6609
fix test
dpgaspar Aug 24, 2022
76b52bd
handle slice schema permissions
dpgaspar Aug 24, 2022
3cec3ba
fix tests
dpgaspar Aug 24, 2022
f93bf15
fix tests and perm propagation
dpgaspar Aug 24, 2022
9b43a2a
fix tests and perm propagation
dpgaspar Aug 24, 2022
f8f5cbe
improve code
dpgaspar Aug 24, 2022
3cfe193
propagate database name change to slice schema perms
dpgaspar Aug 24, 2022
8617379
delete associated role pvm
dpgaspar Aug 24, 2022
d665ff6
fix test
dpgaspar Aug 24, 2022
15ac75d
fix unit test and lint
dpgaspar Aug 25, 2022
f774455
add tests and fix lint
dpgaspar Aug 25, 2022
2045c3b
fix tests
dpgaspar Aug 25, 2022
52cd392
deprecate set_perms
dpgaspar Aug 26, 2022
94b53f0
DRY
dpgaspar Aug 26, 2022
83b3b3a
more docs and improve tests
dpgaspar Aug 26, 2022
1739a92
add missing doc
dpgaspar Aug 26, 2022
3828ba4
address comment, improve tests
dpgaspar Aug 26, 2022
0a8db60
fix test
dpgaspar Aug 26, 2022
640d3f1
fix tests
dpgaspar Aug 26, 2022
baffe2e
fix tests
dpgaspar Aug 28, 2022
40f4aea
rename for troubleshooting
dpgaspar Aug 29, 2022
06344bd
improve tests
dpgaspar Aug 29, 2022
411b937
improve tests
dpgaspar Aug 29, 2022
7f5b970
troubleshooting
dpgaspar Aug 29, 2022
2089014
rev troubleshooting
dpgaspar Aug 30, 2022
4eb7185
fix cascade, test
dpgaspar Aug 30, 2022
6024d6f
fix test?
dpgaspar Aug 30, 2022
c98a528
troubleshoot
dpgaspar Aug 30, 2022
9dd3eb6
troubleshoot
dpgaspar Aug 30, 2022
346de98
troubleshoot
dpgaspar Aug 30, 2022
d138027
troubleshoot
dpgaspar Aug 30, 2022
52e856a
add rollback tests
dpgaspar Aug 31, 2022
678589e
fix test
dpgaspar Aug 31, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion superset/config.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -211,7 +211,7 @@ def _try_json_readsha(filepath: str, length: int) -> Optional[str]:
#
# e.g.:
#
# class AesGcmEncryptedAdapter( # pylint: disable=too-few-public-methods
# class AesGcmEncryptedAdapter(
# AbstractEncryptedFieldAdapter
# ):
# def create(
Expand Down
7 changes: 4 additions & 3 deletions superset/connectors/sqla/models.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2264,11 +2264,11 @@ def after_insert(

For more context: https://github.com/apache/superset/issues/14909
"""
security_manager.set_perm(mapper, connection, sqla_table)
security_manager.dataset_after_insert(mapper, connection, sqla_table)
sqla_table.write_shadow_dataset()

@staticmethod
def after_delete( # pylint: disable=unused-argument
def after_delete(
mapper: Mapper,
connection: Connection,
sqla_table: "SqlaTable",
Expand All @@ -2285,6 +2285,7 @@ def after_delete( # pylint: disable=unused-argument

For more context: https://github.com/apache/superset/issues/14909
"""
security_manager.dataset_after_delete(mapper, connection, sqla_table)
session = inspect(sqla_table).session
dataset = (
session.query(NewDataset).filter_by(uuid=sqla_table.uuid).one_or_none()
Expand All @@ -2311,7 +2312,7 @@ def after_update(
For more context: https://github.com/apache/superset/issues/14909
"""
# set permissions
security_manager.set_perm(mapper, connection, sqla_table)
security_manager.dataset_after_update(mapper, connection, sqla_table)

inspector = inspect(sqla_table)
session = inspector.session
Expand Down
33 changes: 33 additions & 0 deletions superset/databases/commands/update.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,10 @@ def run(self) -> Model:
except Exception as ex:
db.session.rollback()
raise DatabaseConnectionFailedError() from ex

# Update database schema permissions
new_schemas: List[str] = []

for schema in schemas:
old_view_menu_name = security_manager.get_schema_perm(
old_database_name, schema
Expand All @@ -73,6 +75,10 @@ def run(self) -> Model:
# Update the schema permission if the database name changed
if schema_pvm and old_database_name != database.database_name:
schema_pvm.view_menu.name = new_view_menu_name

self._propagate_schema_permissions(
old_view_menu_name, new_view_menu_name
)
else:
new_schemas.append(schema)
for schema in new_schemas:
Expand All @@ -86,6 +92,33 @@ def run(self) -> Model:
raise DatabaseUpdateFailedError() from ex
return database

@staticmethod
def _propagate_schema_permissions(
old_view_menu_name: str, new_view_menu_name: str
) -> None:
from superset.connectors.sqla.models import ( # pylint: disable=import-outside-toplevel
SqlaTable,
)
from superset.models.slice import ( # pylint: disable=import-outside-toplevel
Slice,
)

# Update schema_perm on all datasets
datasets = (
db.session.query(SqlaTable)
.filter(SqlaTable.schema_perm == old_view_menu_name)
.all()
)
for dataset in datasets:
dataset.schema_perm = new_view_menu_name
charts = db.session.query(Slice).filter(
Slice.datasource_type == "table",
dpgaspar marked this conversation as resolved.
Show resolved Hide resolved
Slice.datasource_id == dataset.id,
)
# Update schema_perm on all charts
for chart in charts:
chart.schema_perm = new_view_menu_name

def validate(self) -> None:
exceptions: List[ValidationError] = []
# Validate/populate model exists
Expand Down
11 changes: 1 addition & 10 deletions superset/datasets/commands/create.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
TableNotFoundValidationError,
)
from superset.datasets.dao import DatasetDAO
from superset.extensions import db, security_manager
from superset.extensions import db

logger = logging.getLogger(__name__)

Expand All @@ -47,15 +47,6 @@ def run(self) -> Model:
dataset = DatasetDAO.create(self._properties, commit=False)
# Updates columns and metrics from the dataset
dataset.fetch_metadata(commit=False)
# Add datasource access permission
security_manager.add_permission_view_menu(
"datasource_access", dataset.get_perm()
)
# Add schema access permission if exists
if dataset.schema:
security_manager.add_permission_view_menu(
"schema_access", dataset.schema_perm
)
db.session.commit()
except (SQLAlchemyError, DAOCreateFailedError) as ex:
logger.warning(ex, exc_info=True)
Expand Down
24 changes: 0 additions & 24 deletions superset/datasets/commands/delete.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,30 +45,6 @@ def run(self) -> Model:
self.validate()
try:
dataset = DatasetDAO.delete(self._model, commit=False)

view_menu = (
security_manager.find_view_menu(self._model.get_perm())
if self._model
else None
)

if view_menu:
permission_views = (
db.session.query(security_manager.permissionview_model)
.filter_by(view_menu=view_menu)
.all()
)

for permission_view in permission_views:
db.session.delete(permission_view)
if view_menu:
db.session.delete(view_menu)
else:
if not view_menu:
logger.error(
"Could not find the data access permission for the dataset",
exc_info=True,
)
db.session.commit()
except (SQLAlchemyError, DAODeleteFailedError) as ex:
logger.exception(ex)
Expand Down
2 changes: 1 addition & 1 deletion superset/models/core.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -801,7 +801,7 @@ def get_dialect(self) -> Dialect:
return sqla_url.get_dialect()()


sqla.event.listen(Database, "after_insert", security_manager.set_perm)
sqla.event.listen(Database, "after_insert", security_manager.database_after_insert)
sqla.event.listen(Database, "after_update", security_manager.database_after_update)
sqla.event.listen(Database, "after_delete", security_manager.database_after_delete)

Expand Down
Loading