Merge remote-tracking branch 'upstream/master' into feat/add_all_dash…

…boards_permissions

* upstream/master: (46 commits)
  fix: surface connection error messages on the client (apache#11077)
  fix(jest): using UTC mock date (apache#11079)
  removing unused component (apache#11072)
  changing to the correct hex color (apache#11073)
  style: remove unecessary padding (apache#11071)
  fix: database list checkboxes (apache#11068)
  feat: adding all icons from the design system to the codebase (apache#11033)
  fix: sql lab autocomplete width (apache#11063)
  clickable labels have outlines, storybook shows them (apache#11034)
  fixed routes for customer in docs (apache#11052)
  Revert "style: fix checkbox color (apache#10970)" (apache#11051)
  feat: add "created by" to dashboard CRUD view (apache#11030)
  Changed `tags.py` and `helpers.py` in `models` module: removed disabled pylint rule `unused_import`, changed unused arguments to private and removed disabled rule `unused-argument. Removed redundant rules.` (apache#11037)
  chore: updated lint rules in models module (apache#11036)
  Removed disable global pytlint rule `standarderror-builtin` which isn't appearing for Python3 (apache#11038)
  Enabled argument-differ for bulk_delete (apache#11039)
  Enabled no-self-use pylint rule in security. Formatter (apache#11041)
  Changed variable name from capitals to lowercase and changed lint rule (apache#11044)
  Revert "ESLint: Re-enable rule default-props-match-prop-types (apache#10868)" (apache#11050)
  feat(saved_queries): add custom api filter for all string & text fields (apache#11031)
  ...

# Conflicts:
#	superset/config.py
#	tests/dashboards/api_tests.py

.github/ISSUE_TEMPLATE/security_vulnerability.md

@@ -0,0 +1,12 @@
+---
+name: Security vulnerability
+about: Report a security vulnerability or issue
+labels: "#security"
+
+---
+
+## DO NOT REPORT SECURITY VULNERABILITIES HERE
+
+Please report security vulnerabilities to private@superset.apache.org.
+
+In the event a community member discovers a security flaw in Superset, it is important to follow the [Apache Security Guidelines](https://www.apache.org/security/committers.html) and release a fix as quickly as possible before public disclosure. Reporting security vulnerabilities through the usual GitHub Issues channel is not ideal as it will publicize the flaw before a fix can be applied.

.github/workflows/prefer-typescript.yml

@@ -32,6 +32,7 @@ jobs:
       - if: steps.check.outputs.js_files_added
         name: Add Comment to PR
         uses: unsplash/comment-on-pr@master
+        continue-on-error: true
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:

.pylintrc

@@ -81,7 +81,7 @@ confidence=
 # --enable=similarities". If you want to run only the classes checker, but have
 # no Warning level messages displayed, use"--disable=all --enable=classes
 # --disable=W"
-disable=standarderror-builtin,long-builtin,dict-view-method,intern-builtin,suppressed-message,no-absolute-import,unpacking-in-except,apply-builtin,delslice-method,indexing-exception,old-raise-syntax,print-statement,cmp-builtin,reduce-builtin,useless-suppression,coerce-method,input-builtin,cmp-method,raw_input-builtin,nonzero-method,backtick,basestring-builtin,setslice-method,reload-builtin,oct-method,map-builtin-not-iterating,execfile-builtin,old-octal-literal,zip-builtin-not-iterating,buffer-builtin,getslice-method,metaclass-assignment,xrange-builtin,long-suffix,round-builtin,range-builtin-not-iterating,next-method-called,parameter-unpacking,unicode-builtin,unichr-builtin,import-star-module-level,raising-string,filter-builtin-not-iterating,using-cmp-argument,coerce-builtin,file-builtin,old-division,hex-method,missing-docstring,too-many-lines,ungrouped-imports,import-outside-toplevel,raise-missing-from,super-with-arguments,bad-option-value
+disable=long-builtin,dict-view-method,intern-builtin,suppressed-message,no-absolute-import,unpacking-in-except,apply-builtin,delslice-method,indexing-exception,old-raise-syntax,print-statement,cmp-builtin,reduce-builtin,useless-suppression,coerce-method,input-builtin,cmp-method,raw_input-builtin,nonzero-method,backtick,basestring-builtin,setslice-method,reload-builtin,oct-method,map-builtin-not-iterating,execfile-builtin,old-octal-literal,zip-builtin-not-iterating,buffer-builtin,getslice-method,metaclass-assignment,xrange-builtin,long-suffix,round-builtin,range-builtin-not-iterating,next-method-called,parameter-unpacking,unicode-builtin,unichr-builtin,import-star-module-level,raising-string,filter-builtin-not-iterating,using-cmp-argument,coerce-builtin,file-builtin,old-division,hex-method,missing-docstring,too-many-lines,ungrouped-imports,import-outside-toplevel,raise-missing-from,super-with-arguments,bad-option-value
 
 
 [REPORTS]

docs/gatsby-node.js

@@ -609,4 +609,29 @@ exports.createPages = ({ actions }) => {
     toPath: '/docs/intro',
     isPermanent: true,
   });
+  createRedirect({
+    fromPath: '/tutorial.html',
+    toPath: '/docs/creating-charts-dashboards/first-dashboard',
+    isPermanent: true,
+  });
+  createRedirect({
+    fromPath: '/tutorial.html#connecting-to-a-new-database',
+    toPath: '/docs/creating-charts-dashboards/first-dashboard',
+    isPermanent: true,
+  });
+  createRedirect({
+    fromPath: '/tutorial.html#adding-a-new-table',
+    toPath: '/docs/creating-charts-dashboards/first-dashboard',
+    isPermanent: true,
+  });
+  createRedirect({
+    fromPath: '/tutorial.html#exploring-your-data',
+    toPath: '/docs/creating-charts-dashboards/first-dashboard',
+    isPermanent: true,
+  });
+  createRedirect({
+    fromPath: '/tutorial.html#creating-a-slice-and-dashboard',
+    toPath: '/docs/creating-charts-dashboards/first-dashboard',
+    isPermanent: true,
+  });
 };

requirements/base.in

@@ -16,3 +16,5 @@
 # specific language governing permissions and limitations
 # under the License.
 -e file:.
+pyrsistent>=0.16.1,<0.17
+importlib-metadata>=1.7.0, <2

requirements/base.txt

@@ -1,4 +1,4 @@
-# SHA1:6d5583095e299af7f7e1c4fdf953577bc873a8a6
+# SHA1:1b5e15727cda5c8d6f711f02629430e1560618eb
 #
 # This file is autogenerated by pip-compile-multi
 # To update, run:
@@ -7,25 +7,25 @@
 #
 -e file:.                 # via -r requirements/base.in
 aiohttp==3.6.2            # via slackclient
-alembic==1.4.2            # via flask-migrate
+alembic==1.4.3            # via flask-migrate
 amqp==2.6.1               # via kombu
 apispec[yaml]==3.3.2      # via flask-appbuilder
 async-timeout==3.0.1      # via aiohttp
 attrs==20.2.0             # via aiohttp, jsonschema
 babel==2.8.0              # via flask-babel
 backoff==1.10.0           # via apache-superset
 billiard==3.6.3.0         # via celery
-bleach==3.1.5             # via apache-superset
+bleach==3.2.1             # via apache-superset
 brotli==1.0.9             # via flask-compress
 cachelib==0.1.1           # via apache-superset
 celery==4.4.7             # via apache-superset
-cffi==1.14.2              # via cryptography
+cffi==1.14.3              # via cryptography
 chardet==3.0.4            # via aiohttp
 click==7.1.2              # via apache-superset, flask, flask-appbuilder
 colorama==0.4.3           # via apache-superset, flask-appbuilder
 contextlib2==0.6.0.post1  # via apache-superset
 croniter==0.3.34          # via apache-superset
-cryptography==3.1         # via apache-superset
+cryptography==3.1.1       # via apache-superset
 decorator==4.4.2          # via retry
 defusedxml==0.6.0         # via python3-openid
 dnspython==2.0.0          # via email-validator
@@ -47,7 +47,7 @@ geopy==2.0.0              # via apache-superset
 gunicorn==20.0.4          # via apache-superset
 humanize==2.6.0           # via apache-superset
 idna==2.10                # via email-validator, yarl
-importlib-metadata==1.7.0  # via jsonschema, kombu, markdown
+importlib-metadata==1.7.0  # via -r requirements/base.in, jsonschema, kombu, markdown
 isodate==0.6.0            # via apache-superset
 itsdangerous==1.1.0       # via flask, flask-wtf
 jinja2==2.11.2            # via flask, flask-babel
@@ -58,13 +58,13 @@ markdown==3.2.2           # via apache-superset
 markupsafe==1.1.1         # via jinja2, mako, wtforms
 marshmallow-enum==1.5.1   # via flask-appbuilder
 marshmallow-sqlalchemy==0.23.1  # via flask-appbuilder
-marshmallow==3.7.1        # via flask-appbuilder, marshmallow-enum, marshmallow-sqlalchemy
+marshmallow==3.8.0        # via flask-appbuilder, marshmallow-enum, marshmallow-sqlalchemy
 msgpack==1.0.0            # via apache-superset
 multidict==4.7.6          # via aiohttp, yarl
 natsort==7.0.1            # via croniter
-numpy==1.19.1             # via pandas, pyarrow
+numpy==1.19.2             # via pandas, pyarrow
 packaging==20.4           # via bleach
-pandas==1.0.5             # via apache-superset
+pandas==1.1.2             # via apache-superset
 parsedatetime==2.6        # via apache-superset
 pathlib2==2.3.5           # via apache-superset
 polyline==1.4.0           # via apache-superset
@@ -74,7 +74,7 @@ pyarrow==1.0.1            # via apache-superset
 pycparser==2.20           # via cffi
 pyjwt==1.7.1              # via flask-appbuilder, flask-jwt-extended
 pyparsing==2.4.7          # via packaging
-pyrsistent==0.16.0        # via jsonschema
+pyrsistent==0.16.1        # via -r requirements/base.in, jsonschema
 python-dateutil==2.8.1    # via alembic, apache-superset, croniter, flask-appbuilder, pandas
 python-dotenv==0.14.0     # via apache-superset
 python-editor==1.0.4      # via alembic
@@ -98,7 +98,7 @@ werkzeug==1.0.1           # via flask, flask-jwt-extended
 wtforms-json==0.3.3       # via apache-superset
 wtforms==2.3.3            # via flask-wtf, wtforms-json
 yarl==1.5.1               # via aiohttp
-zipp==3.1.0               # via importlib-metadata
+zipp==3.2.0               # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools

requirements/development.txt

@@ -7,11 +7,10 @@
 #
 -r base.txt
 -e file:.                 # via -r requirements/base.in
-boto3==1.14.62            # via tabulator
-botocore==1.17.62         # via boto3, s3transfer
-cached-property==1.5.1    # via tableschema
+boto3==1.15.3             # via tabulator
+botocore==1.18.3          # via boto3, s3transfer
+cached-property==1.5.2    # via tableschema
 certifi==2020.6.20        # via requests
-docutils==0.15.2          # via botocore
 et-xmlfile==1.0.1         # via openpyxl
 flask-cors==3.0.9         # via -r requirements/development.in
 future==0.18.2            # via pyhive

requirements/docker.txt

@@ -7,11 +7,11 @@
 #
 -r base.txt
 -e file:.                 # via -r requirements/base.in
-gevent==20.6.2            # via -r requirements/docker.in
-greenlet==0.4.16          # via gevent
+gevent==20.9.0            # via -r requirements/docker.in
+greenlet==0.4.17          # via gevent
 psycopg2-binary==2.8.6    # via -r requirements/docker.in
 redis==3.5.3              # via -r requirements/docker.in
-zope.event==4.4           # via gevent
+zope.event==4.5.0         # via gevent
 zope.interface==5.1.0     # via gevent
 
 # The following packages are considered to be unsafe in a requirements file:

requirements/integration.txt

@@ -10,7 +10,7 @@ cfgv==3.2.0               # via pre-commit
 click==7.1.2              # via pip-compile-multi, pip-tools
 distlib==0.3.1            # via virtualenv
 filelock==3.0.12          # via tox, virtualenv
-identify==1.5.0           # via pre-commit
+identify==1.5.4           # via pre-commit
 importlib-metadata==1.7.0  # via pluggy, pre-commit, tox, virtualenv
 nodeenv==1.5.0            # via pre-commit
 packaging==20.4           # via tox
@@ -26,7 +26,7 @@ toml==0.10.1              # via pre-commit, tox
 toposort==1.5             # via pip-compile-multi
 tox==3.20.0               # via -r requirements/integration.in
 virtualenv==20.0.31       # via pre-commit, tox
-zipp==3.1.0               # via importlib-metadata
+zipp==3.2.0               # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
 # pip

requirements/testing.txt

@@ -11,14 +11,14 @@
 appnope==0.1.0            # via ipython
 astroid==2.4.2            # via pylint
 backcall==0.2.0           # via ipython
-coverage==5.2.1           # via pytest-cov
+coverage==5.3             # via pytest-cov
 docker==4.3.1             # via -r requirements/testing.in
 flask-testing==0.8.0      # via -r requirements/testing.in
 iniconfig==1.0.1          # via pytest
 ipdb==0.13.3              # via -r requirements/testing.in
 ipython-genutils==0.2.0   # via traitlets
 ipython==7.16.1           # via -r requirements/testing.in, ipdb
-isort==5.5.1              # via pylint
+isort==5.5.3              # via pylint
 jedi==0.17.2              # via ipython
 lazy-object-proxy==1.4.3  # via astroid
 mccabe==0.6.1             # via pylint
@@ -30,14 +30,14 @@ pexpect==4.8.0            # via ipython
 pickleshare==0.7.5        # via ipython
 prompt-toolkit==3.0.7     # via ipython
 ptyprocess==0.6.0         # via pexpect
-pygments==2.6.1           # via ipython
+pygments==2.7.1           # via ipython
 pyhive[hive,presto]==0.6.3  # via -r requirements/development.in, -r requirements/testing.in
 pylint==2.6.0             # via -r requirements/testing.in
 pytest-cov==2.10.1        # via -r requirements/testing.in
-pytest==6.0.1             # via -r requirements/testing.in, pytest-cov
+pytest==6.0.2             # via -r requirements/testing.in, pytest-cov
 redis==3.5.3              # via -r requirements/testing.in
 statsd==3.3.0             # via -r requirements/testing.in
-traitlets==5.0.3          # via ipython
+traitlets==5.0.4          # via ipython
 typed-ast==1.4.1          # via astroid
 wcwidth==0.2.5            # via prompt-toolkit
 websocket-client==0.57.0  # via docker

setup.py

@@ -89,7 +89,7 @@ def get_git_sha():
         "isodate",
         "markdown>=3.0",
         "msgpack>=1.0.0, <1.1",
-        "pandas>=1.0.5, <1.1",
+        "pandas>=1.1.2, <1.2",
         "parsedatetime",
         "pathlib2",
         "polyline",

superset-frontend/.eslintrc.js

@@ -17,7 +17,12 @@
  * under the License.
  */
 module.exports = {
-  extends: ['airbnb', 'prettier', 'prettier/react'],
+  extends: [
+    'airbnb',
+    'prettier',
+    'prettier/react',
+    'plugin:react-hooks/recommended',
+  ],
   parser: 'babel-eslint',
   parserOptions: {
     ecmaFeatures: {

superset-frontend/cypress-base/cypress/integration/dashboard/edit_mode.test.js

@@ -23,7 +23,7 @@ describe('Dashboard edit mode', () => {
     cy.server();
     cy.login();
     cy.visit(WORLD_HEALTH_DASHBOARD);
-    cy.get('.dashboard-header [data-test=pencil]').click();
+    cy.get('.dashboard-header [data-test=edit-alt]').click();
   });
 
   it('remove, and add chart flow', () => {

superset-frontend/cypress-base/cypress/integration/dashboard/markdown.test.ts

@@ -30,7 +30,7 @@ describe('Dashboard edit markdown', () => {
     cy.get('script').then(nodes => {
       numScripts = nodes.length;
     });
-    cy.get('.dashboard-header [data-test=pencil]').click();
+    cy.get('.dashboard-header [data-test=edit-alt]').click();
     cy.get('script').then(nodes => {
       // load 5 new script chunks for css editor
       expect(nodes.length).to.greaterThan(numScripts);

superset-frontend/cypress-base/cypress/integration/dashboard/save.test.js

@@ -53,7 +53,7 @@ describe('Dashboard save action', () => {
     cy.get('.grid-container .box_plot', { timeout: 5000 }); // wait for 5 secs
 
     // remove box_plot chart from dashboard
-    cy.get('.dashboard-header [data-test=pencil]').click();
+    cy.get('.dashboard-header [data-test=edit-alt]').click();
     cy.get('.fa.fa-trash').last().trigger('click', { force: true });
     cy.get('.grid-container .box_plot').should('not.exist');
 
@@ -64,7 +64,7 @@ describe('Dashboard save action', () => {
 
     // go back to view mode
     cy.wait('@saveRequest');
-    cy.get('.dashboard-header [data-test=pencil]').click();
+    cy.get('.dashboard-header [data-test=edit-alt]').click();
     cy.get('.grid-container .box_plot').should('not.exist');
   });
 });

superset-frontend/cypress-base/cypress/integration/dashboard_list/filter.test.ts

@@ -18,7 +18,7 @@
  */
 import { DASHBOARD_LIST } from './dashboard_list.helper';
 
-describe('dashboard filters', () => {
+describe('dashboard filters card view', () => {
   beforeEach(() => {
     cy.login();
     cy.server();
@@ -36,14 +36,63 @@ describe('dashboard filters', () => {
     cy.get('.ant-card').should('not.exist');
   });
 
+  it('should filter by created by correctly', () => {
+    // filter by created by
+    cy.get('.Select__control').eq(1).click();
+    cy.get('.Select__menu').contains('alpha user').click();
+    cy.get('.ant-card').should('not.exist');
+    cy.get('.Select__control').eq(1).click();
+    cy.get('.Select__menu').contains('gamma user').click();
+    cy.get('.ant-card').should('not.exist');
+  });
+
   it('should filter by published correctly', () => {
     // filter by published
-    cy.get('.Select__control').eq(1).click();
+    cy.get('.Select__control').eq(2).click();
     cy.get('.Select__menu').contains('Published').click();
     cy.get('.ant-card').should('have.length', 2);
     cy.get('.ant-card').first().contains('USA Births Names').should('exist');
-    cy.get('.Select__control').eq(1).click();
-    cy.get('.Select__control').eq(1).type('unpub{enter}');
+    cy.get('.Select__control').eq(2).click();
+    cy.get('.Select__control').eq(2).type('unpub{enter}');
     cy.get('.ant-card').should('have.length', 2);
   });
 });
+
+describe('dashboard filters list view', () => {
+  beforeEach(() => {
+    cy.login();
+    cy.server();
+    cy.visit(DASHBOARD_LIST);
+  });
+
+  it('should filter by owners correctly', () => {
+    // filter by owners
+    cy.get('.Select__control').first().click();
+    cy.get('.Select__menu').contains('alpha user').click();
+    cy.get('.table-row').should('not.exist');
+    cy.get('.Select__control').first().click();
+    cy.get('.Select__menu').contains('gamma user').click();
+    cy.get('.table-row').should('not.exist');
+  });
+
+  it('should filter by created by correctly', () => {
+    // filter by created by
+    cy.get('.Select__control').eq(1).click();
+    cy.get('.Select__menu').contains('alpha user').click();
+    cy.get('.table-row').should('not.exist');
+    cy.get('.Select__control').eq(1).click();
+    cy.get('.Select__menu').contains('gamma user').click();
+    cy.get('.table-row').should('not.exist');
+  });
+
+  it('should filter by published correctly', () => {
+    // filter by published
+    cy.get('.Select__control').eq(2).click();
+    cy.get('.Select__menu').contains('Published').click();
+    cy.get('.table-row').should('have.length', 2);
+    cy.get('.table-row').first().contains('USA Births Names').should('exist');
+    cy.get('.Select__control').eq(2).click();
+    cy.get('.Select__control').eq(2).type('unpub{enter}');
+    cy.get('.table-row').should('have.length', 2);
+  });
+});

superset-frontend/cypress-base/cypress/integration/dashboard_list/list_view.test.ts

@@ -31,17 +31,22 @@ describe('dashboard list view', () => {
     cy.get('table[role="table"]').should('be.visible');
     // check dashboard list view header
     cy.get('th[role="columnheader"]:nth-child(2)').contains('Title');
-    cy.get('th[role="columnheader"]:nth-child(3)').contains('Owners');
-    cy.get('th[role="columnheader"]:nth-child(4)').contains('Modified By');
-    cy.get('th[role="columnheader"]:nth-child(5)').contains('Published');
-    cy.get('th[role="columnheader"]:nth-child(6)').contains('Modified');
-    cy.get('th[role="columnheader"]:nth-child(7)').contains('Actions');
+    cy.get('th[role="columnheader"]:nth-child(3)').contains('Modified By');
+    cy.get('th[role="columnheader"]:nth-child(4)').contains('Published');
+    cy.get('th[role="columnheader"]:nth-child(5)').contains('Modified');
+    cy.get('th[role="columnheader"]:nth-child(6)').contains('Created By');
+    cy.get('th[role="columnheader"]:nth-child(7)').contains('Owners');
+    cy.get('th[role="columnheader"]:nth-child(8)').contains('Actions');
     cy.get('.table-row').should('have.length', 4);
   });
 
   it('should sort correctly', () => {
     cy.get('th[role="columnheader"]:nth-child(2)').click();
     cy.get('.table-row td:nth-child(2):eq(0)').contains('Tabbed Dashboard');
+    cy.get('th[role="columnheader"]:nth-child(3)').click();
+    cy.get('.table-row td:nth-child(2):eq(0)').contains('Tabbed Dashboard');
+    cy.get('th[role="columnheader"]:nth-child(5)').click();
+    cy.get('.table-row  td:nth-child(2):eq(0)').contains("World Bank's Data");
     cy.get('th[role="columnheader"]:nth-child(6)').click();
     cy.get('.table-row  td:nth-child(2):eq(0)').contains("World Bank's Data");
   });