feat(revert): Re-introduces the RLS page

[michael-s-molina]

SUMMARY

This PR re-introduces the changes made in #22325 that were reverted because it introduced breaking changes to master.

This PR is not an exact revert of the revert because it adapts the files to the pages structure. It also worth mentioning that the menu option to the RLS page is currently triggering a reload and we should work on a follow-up to make it fully compatible with the SPA project.

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

Check the original PR for screenshots.

TESTING INSTRUCTIONS

Check the original PR for test instructions.

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags:
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

[codecov]

Codecov Report

Merging #23777 (927abbb) into master (35f36a2) will increase coverage by 0.10%.
The diff coverage is 80.35%.

❗ Current head 927abbb differs from pull request most recent head ba6c006. Consider uploading reports for the commit ba6c006 to get more accurate results

@@            Coverage Diff             @@
##           master   #23777      +/-   ##
==========================================
+ Coverage   67.87%   67.98%   +0.10%     
==========================================
  Files        1925     1936      +11     
  Lines       74389    74913     +524     
  Branches     8108     8139      +31     
==========================================
+ Hits        50494    50928     +434     
- Misses      21818    21893      +75     
- Partials     2077     2092      +15     

Flag	Coverage Δ
hive	53.00% <62.21%> (+0.07%)	⬆️
javascript	54.21% <73.00%> (+0.11%)	⬆️
mysql	78.79% <83.37%> (+0.05%)	⬆️
postgres	78.87% <83.37%> (+0.05%)	⬆️
presto	52.91% <62.21%> (+0.07%)	⬆️
python	82.66% <83.37%> (+0.01%)	⬆️
sqlite	77.38% <83.37%> (+0.06%)	⬆️
unit	52.80% <62.21%> (+0.07%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
...uperset/utils/dashboard_filter_scopes_converter.py	15.78% <0.00%> (ø)
superset/views/sql_lab/views.py	63.81% <ø> (ø)
superset/models/sql_lab.py	78.40% <42.85%> (-1.11%)	⬇️
superset-frontend/src/views/routes.tsx	51.06% <50.00%> (-0.05%)	⬇️
superset/db_engine_specs/ocient.py	57.28% <57.28%> (ø)
superset/dao/base.py	92.85% <70.00%> (-2.60%)	⬇️
...-frontend/src/pages/RowLevelSecurityList/index.tsx	72.54% <72.54%> (ø)
...rontend/src/features/rls/RowLevelSecurityModal.tsx	73.39% <73.39%> (ø)
...uperset/row_level_security/commands/bulk_delete.py	87.50% <87.50%> (ø)
superset/connectors/sqla/views.py	89.71% <90.90%> (+0.91%)	⬆️
... and 9 more

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[rusackas]

Thanks for the un-revert @michael-s-molina , and thanks @mayurnewase for the awesome work on this!

[mayurnewase]

awesome!!!

[villebro]

This is really nice work, thanks again @mayurnewase and @michael-s-molina for reviving it. As we're doing breaking changes, I really think we should takes this opportunity to widen the scope of EXTRA_RELATED_QUERY_FIELDS and deprecate the RLS specific RLS_BASE_RELATED_FIELD_FILTERS. That latter was created before the formerly mentioned one was created (=there was no global related filter that could be leveraged), and using the same param for all views will ensure that we'll be able to introduce more superuser-like functionality to superset without needing to assign admin role to users.

[villebro]

In #22526 we introduced EXTRA_RELATED_QUERY_FILTERS which already has filters for role and user. I think it might make sense deprecate RLS_BASE_RELATED_FIELD_FILTERS and leverage the more global config parameter here by doing the following:

• assume that EXTRA_RELATED_QUERY_FILTERS["role"] also applies to RLS
• Reuse the existing DatasourceFilter for tables

I tried this and it nicely filtered the roles and tables to match what's available on the datasets page and elsewhere (I don't see why we'd want to have a different dataset filter for RLS than what the regular RBAC model provides, unless we want to add additional filters in RLS):

    from superset.views.base import DatasourceFilter
    from superset.views.filters import BaseFilterRelatedRoles

    base_related_field_filters = {
        "tables": [["id", DatasourceFilter, lambda: []]],
        "roles": [["id", BaseFilterRelatedRoles, lambda: []]],
    }

WDYT?

[michael-s-molina]

It makes sense to me. Can you open a follow-up with this change?

[villebro]

@michael-s-molina sure, will do 👍