Fix issues around Database permissions #7009
Conversation
mistercrunch
force-pushed
the
fix_database_access
branch
from
eaf6301
to
b072dee
Compare
Codecov Report
@@ Coverage Diff @@
## master #7009 +/- ##
==========================================
+ Coverage 64.46% 64.47% +<.01%
==========================================
Files 421 421
Lines 20521 20534 +13
Branches 2245 2245
==========================================
+ Hits 13229 13239 +10
- Misses 7165 7168 +3
Partials 127 127
Continue to review full report at Codecov.
|
| permission_name = 'datasource_access' | ||
| from superset.models.core import Database | ||
| if mapper.class_ == Database: |
There was a problem hiding this comment.
FYI , superset init would create the proper database_access (one for each database), but the code here (executed on update/insert) would create/update a datasource_access entry for the database
| query = ( | ||
| query.outerjoin(SQLTable, self.model.datasource_id == SQLTable.c.id) | ||
| .outerjoin(models.Database, models.Database.id == SQLTable.c.database_id) | ||
| .filter(or_( | ||
| models.Database.perm.in_(datasource_perms), | ||
| models.Database.perm.in_(database_perms), |
There was a problem hiding this comment.
This appears to be using the wrong entry.
| @@ -285,6 +294,7 @@ class DatabaseView(SupersetModelView, DeleteMixin, YamlExportMixin): # noqa | |||
| 'allow_multi_schema_metadata_fetch': _('Allow Multi Schema Metadata Fetch'), | |||
| 'backend': _('Backend'), | |||
| } | |||
| base_filters = [['id', DatabaseFilter, lambda: []]] | |||
There was a problem hiding this comment.
I think this broke stuff on our end, users can't see DBs in SQL Lab. I commented it out and permissions work correctly. (edited to say "can't")
There was a problem hiding this comment.
Do you mean "can't see" (you wrote "can see"). This may require adding all_database_access to alpha
This reverts commit f5274a9.
mistercrunch
added
🏷️ bot
No description provided.