-
Notifications
You must be signed in to change notification settings - Fork 4.9k
/
preview_embed.clj
59 lines (50 loc) · 2.74 KB
/
preview_embed.clj
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
(ns metabase.api.preview-embed
"Endpoints for previewing how Cards and Dashboards will look when embedding them.
These endpoints are basically identical in functionality to the ones in `/api/embed`, but:
1. Require admin access
2. Ignore the values of `:enabled_embedding` for Cards/Dashboards
3. Ignore the `:embed_params` whitelist for Card/Dashboards, instead using a field called `:_embedding_params` in
the JWT token itself.
Refer to the documentation for those endpoints for further details."
(:require [compojure.core :refer [GET]]
(metabase.api [common :as api]
[embed :as embed-api])
[metabase.util.embed :as eu]))
(defn- check-and-unsign [token]
(api/check-superuser)
(api/check-embedding-enabled)
(eu/unsign token))
(api/defendpoint GET "/card/:token"
"Fetch a Card you're considering embedding by passing a JWT TOKEN."
[token]
(let [unsigned-token (check-and-unsign token)]
(embed-api/card-for-unsigned-token unsigned-token
:embedding-params (eu/get-in-unsigned-token-or-throw unsigned-token [:_embedding_params]))))
(api/defendpoint GET "/card/:token/query"
"Fetch the query results for a Card you're considering embedding by passing a JWT TOKEN."
[token & query-params]
(let [unsigned-token (check-and-unsign token)
card-id (eu/get-in-unsigned-token-or-throw unsigned-token [:resource :question])]
(embed-api/run-query-for-card-with-params-async
:card-id card-id
:token-params (eu/get-in-unsigned-token-or-throw unsigned-token [:params])
:embedding-params (eu/get-in-unsigned-token-or-throw unsigned-token [:_embedding_params])
:query-params query-params)))
(api/defendpoint GET "/dashboard/:token"
"Fetch a Dashboard you're considering embedding by passing a JWT TOKEN. "
[token]
(let [unsigned-token (check-and-unsign token)]
(embed-api/dashboard-for-unsigned-token unsigned-token
:embedding-params (eu/get-in-unsigned-token-or-throw unsigned-token [:_embedding_params]))))
(api/defendpoint GET "/dashboard/:token/dashcard/:dashcard-id/card/:card-id"
"Fetch the results of running a Card belonging to a Dashboard you're considering embedding with JWT TOKEN."
[token dashcard-id card-id & query-params]
(let [unsigned-token (check-and-unsign token)]
(embed-api/dashcard-results-async
:dashboard-id (eu/get-in-unsigned-token-or-throw unsigned-token [:resource :dashboard])
:dashcard-id dashcard-id
:card-id card-id
:embedding-params (eu/get-in-unsigned-token-or-throw unsigned-token [:_embedding_params])
:token-params (eu/get-in-unsigned-token-or-throw unsigned-token [:params])
:query-params query-params)))
(api/define-routes)