Update from getredash/redash #2
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Normalize Flask initialization API use. * Use Flask-Talisman. * Enable HSTS when HTTPS is enforced. * More details about how CSP is formatted and write CSP directives as a string. * Use CSP frame-ancestors directive and not X-Frame-Options for embedable endpoints. * Add link to flask-talisman docs. * set remember_token cookie to be HTTP-Only and Secure * Reorganize secret key configuration to be forward thinking and backward compatible.
… is enabled. (#3530) * Make LDAP auth handler org scoped. * Render LDAP and remote auth login links correctly when multi org mode is enabled.
* Browser support config * Removed some offending code * Added unsupported html page and redirect for IE * Typo in regex * Made html page static * Added redirect script to multi_org * Moved static html page to client/app
* Add phoenix query runner. * Improved error handling.
* check that e-mail server is configured before marking the email address as not verified and sending out a verification e-mail * use helper method in `invite_user` * move email_server_configured helper to settings * add test to verify that email addresses arent marked as unverified if there's no e-mail server to verify them * simplify a couple of tests with patch * combine conditions into single variable * Booleans, gotta love 'em
* allowing to specify a custom work group for AWS Athena queries * Fixing title + adding correct position in the UI
* Show accessible tables only. * Get table information from information_schema.columns. * Union old query.
* Return 400 when destination name already exists * Remove whitespace * Unicode 1 Co-Authored-By: gabrieldutra <[email protected]> * Unicode 2 Co-Authored-By: gabrieldutra <[email protected]>
* Fix Celery worker CLI parameter name that was changed in Celery 4.x. * Set Celery worker --max-memory-per-child to 1/4th of total system memory. * Review fixes. * Review fixes.
* Treat repeated BigQuery fields as arrays * handle untransformed field types and None
* Migrate TypePicker to React * Migrate DataSources and Destinations List * Fixes to DestinationsList * Add CreateDataSource (testing with Steps) * Render the form after type selection * Add HELP_LINKS to CreateDataSource * Add Done behavior * Add scrollToTop to CreateDataSource * TypePicker styling adjusts * Add CreateDestination * Update resouce gets to componentDidMount * Create EditForm components * Migrate Edit pages * Remove angular logic from DynamicForm * Add actions to EditPages * TypePicker title style adjustments * Add Empty and Loading state * UX improvements * Review changes * Styling updates on TypePicker, forms background fix * Add blank line removed by mistaken * Reorganize TypePicker * Hide Search on List Pages * Fix spacing in Forms * Update Create Data Source and Destination to be a Dialog * Remove max-height from the form * Fix DynamicForm import in CreateUserDialog * Route /new to open CreateSourceDialog * Add HelpTrigger + refine styling and Edit Pages * Remove help links from data source resource * Update Cypress specs * TypePicker -> CardsList * Remove old TypePicker styling and change CardsList styling to less * Test if Percy shows Dialogs * Personal review cleanup * CR * Remove unnecessary query on dialog success * Handle resource errors in Edit Pages * Add CreateDestination policy * Add placeholder and separator to the Name field * Use cy.click instead of cy.wait * Revert "Use cy.click instead of cy.wait" (Didn't work) This reverts commit 77285d9. * Align help trigger on the right and rename Steps * Refine behavior for long names * Update toastr calls to use notification instead * Redirect to target after creation * Remove autoFocus on DynamicForm for Edit Pages * Add eslint-disable for cy.wait
* change has_access and require_access signatures to work with the objects that require access, instead of their groups * rename `object` to `obj` * support both objects and group dicts in `has_access` and `require_access` * simplify permission tests once `has_access` accepts groups
* handle an edge case where dropdown queries are connected to data sources that no longer exist * Rethinking it, an empty result set makes no sense and it's better to throw an error * remove redundant import
* change has_access and require_access signatures to work with the objects that require access, instead of their groups * change has_access and require_access signatures to work with the objects that require access, instead of their groups * use the textless endpoint (/api/queries/:id/results) for pristine queriest * Revert "use the textless endpoint (/api/queries/:id/results) for pristine" This reverts commit cd2cee7. * go to textless /api/queries/:id/results by default * change `run_query`'s signature to accept a ParameterizedQuery instead of constructing it inside * raise HTTP 400 when receiving invalid parameter values. Fixes #3394 * support querystring params * extract coercing of numbers to function, along with a friendlier implementation * wire embeds to textless endpoint * allow users with view_only permissions to execute queries on the textless endpoint, as it only allows safe queries to run * enqueue jobs for ApiUsers * add parameters component for embeds * include existing parameters in embed code * fetch correct values for json requests * remove previous embed parameter code * rename `id` to `user_id` * support executing queries using Query api_keys by instantiating an ApiUser that would be able to execute the specific query * bring back ALLOW_PARAMETERS_IN_EMBEDS (with link on deprecation coming up) * show deprecation messages for ALLOW_PARAMETERS_IN_EMBEDS. Also, move other message (email not verified) to use the same mechanism * add link to forum message on setting deprecation * rephrase deprecation message * add link to forum message regarding embed deprecation * change API to /api/queries/:id/dropdowns/:dropdown_id * split to 2 different dropdown endpoints and implement the second * add test cases for /api/queries/:id/dropdowns/:id * use new /dropdowns endpoint in frontend * first e2e test for sharing embeds * Pleasing the CodeClimate overlords * All glory to CodeClimate * change has_access and require_access signatures to work with the objects that require access, instead of their groups * split has_access between normal users and ApiKey users * remove residues from bad rebase * allow access to safe queries via api keys * rename `object` to `obj` * support both objects and group dicts in `has_access` and `require_access` * simplify permission tests once `has_access` accepts groups * change has_access and require_access signatures to work with the objects that require access, instead of their groups * rename `object` to `obj` * support both objects and group dicts in `has_access` and `require_access` * simplify permission tests once `has_access` accepts groups * fix bad rebase * send embed parameters through POST data * no need to log `is_api_key` * move query fetching by api_key to within the Query model * fetch user by adding a get_by_id function on the User model * pass parameters as POST data (fixes test failure introduced by switching from query string parameters to POST data) * test the right thing - queries with safe parameters should be embeddable * introduce cy.clickThrough * add another Cypress test to make sure unsafe queries cannot be embedded * serialize Parameters into query string * set is_api_key as the last parameter to (hopefully) avoid backward-dependency problems * Update redash/models/parameterized_query.py Co-Authored-By: rauchy <[email protected]> * attempt to fix empty percy snapshots * snap percies after DOM is fully loaded
* support date ranges for parameterized embeds * add qs * remove hideous implementation and use qs * get rid of apiKey querystring parameter and introduce query-string module
Jakdaw
pushed a commit
that referenced
this pull request
Oct 24, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this? (check all applicable)
Description
Related Tickets & Documents
Mobile & Desktop Screenshots/Recordings (if there are UI changes)