Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updating permission when refreshing druid datasource #2655

Merged
merged 32 commits into from
May 22, 2017
Merged

Updating permission when refreshing druid datasource #2655

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
bc582ae
Updating permission when refreshing druid datasource
Apr 20, 2017
e5c5c0b
Adding test
Apr 20, 2017
f9fd7d2
Fix style
Apr 21, 2017
8df76d2
Merge branch 'master' into perm_update
Apr 21, 2017
92923a0
Merge branch 'master' into perm_update
Apr 21, 2017
6b83d27
Merge branch 'master' into perm_update
Apr 25, 2017
893a1c1
Deletion view_menu after db, table, cluster, ds deletion
Apr 21, 2017
1abac56
Update table model
Apr 25, 2017
a97655f
Merge branch 'master' into perm_update
Apr 26, 2017
15a0c19
Linting
Apr 26, 2017
3dd01e7
Merge branch 'master' into perm_update
Apr 26, 2017
b4c5949
Merge branch 'master' into perm_update
Apr 26, 2017
aaacbc4
Merge branch 'master' into perm_update
Apr 28, 2017
2c61ce9
Merge branch 'master' into perm_update
May 1, 2017
d8b4b5b
Override _delete instead of post_delete
May 1, 2017
ff82e8d
Merge branch 'master' into perm_update
May 1, 2017
a18e201
fix
May 2, 2017
d1dad60
Merge branch 'master' into perm_update
May 2, 2017
3b13a68
lint
May 2, 2017
3744f42
fix multi delete
May 2, 2017
9b5e783
fix
May 2, 2017
5ebdf0c
Merge branch 'master' into perm_update
May 8, 2017
89b4ed7
Merge branch 'master' into perm_update
May 9, 2017
89639ce
Merge branch 'master' into perm_update
May 10, 2017
76b9678
Merge branch 'master' into perm_update
May 11, 2017
4449a63
Merge branch 'master' into perm_update
May 14, 2017
49fcd50
Refactoring
May 14, 2017
fad50c9
Amending
May 14, 2017
eb0953c
Merge branch 'master' into perm_update
May 16, 2017
33b2c97
Merge branch 'master' into perm_update
May 17, 2017
63f9260
Merge branch 'master' into perm_update
May 18, 2017
7e69463
Merge branch 'master' into perm_update
May 22, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 37 additions & 1 deletion superset/models/helpers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
from flask_appbuilder.models.mixins import AuditMixin
from flask_appbuilder.models.decorators import renders
from superset.utils import QueryStatus

from superset import sm

class ImportMixin(object):
def override(self, obj):
Expand Down Expand Up @@ -116,12 +116,48 @@ def __init__( # noqa
self.status = status
self.error_message = error_message

def merge_perm(sm, permission_name, view_menu_name, connection):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as
https://github.com/airbnb/superset/blob/f374345860f4a3e307ea1772b099ce038868aa71/superset/security.py#L70
?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes functionality-wise. But it doesn't seem to work with listener. I got an error saying "use connection level operation". So the merge function here uses connection.


permission = sm.find_permission(permission_name)
view_menu = sm.find_view_menu(view_menu_name)
pv = None

if not permission:
permission_table = sm.permission_model.__table__
connection.execute(
permission_table.insert()
.values(name=permission_name)
)
if not view_menu:
view_menu_table = sm.viewmenu_model.__table__
connection.execute(
view_menu_table.insert()
.values(name=view_menu_name)
)

permission = sm.find_permission(permission_name)
view_menu = sm.find_view_menu(view_menu_name)

if permission and view_menu:
pv = sm.get_session.query(sm.permissionview_model).filter_by(
permission=permission, view_menu=view_menu).first()
if not pv and permission and view_menu:
permission_view_table = sm.permissionview_model.__table__
connection.execute(
permission_view_table.insert()
.values(permission_id=permission.id,
view_menu_id=view_menu.id)
)

def set_perm(mapper, connection, target): # noqa

if target.perm != target.get_perm():
link_table = target.__table__
connection.execute(
link_table.update()
.where(link_table.c.id == target.id)
.values(perm=target.get_perm())
)

# add to view menu if not already exists
merge_perm(sm, 'datasource_access', target.get_perm(), connection)
43 changes: 43 additions & 0 deletions tests/druid_tests.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -276,6 +276,49 @@ def test_filter_druid_datasource(self):
self.assertIn('datasource_for_gamma', resp)
self.assertNotIn('datasource_not_for_gamma', resp)

@patch('superset.connectors.druid.models.PyDruid')
def test_sync_druid_perm(self, PyDruid):
self.login(username='admin')
instance = PyDruid.return_value
instance.time_boundary.return_value = [
{'result': {'maxTime': '2016-01-01'}}]
instance.segment_metadata.return_value = SEGMENT_METADATA

cluster = (
db.session
.query(DruidCluster)
.filter_by(cluster_name='test_cluster')
.first()
)
if cluster:
db.session.delete(cluster)
db.session.commit()

cluster = DruidCluster(
cluster_name='test_cluster',
coordinator_host='localhost',
coordinator_port=7979,
broker_host='localhost',
broker_port=7980,
metadata_last_refreshed=datetime.now())

db.session.add(cluster)
cluster.get_datasources = Mock(return_value=['test_datasource'])
cluster.get_druid_version = Mock(return_value='0.9.1')

cluster.refresh_datasources()
datasource_id = cluster.datasources[0].id
db.session.commit()

view_menu_name = cluster.datasources[0].get_perm()
view_menu = sm.find_view_menu(view_menu_name)
permission = sm.find_permission("datasource_access")

pv = sm.get_session.query(sm.permissionview_model).filter_by(
permission=permission, view_menu=view_menu).first()
assert pv is not None



if __name__ == '__main__':
unittest.main()
2 changes: 2 additions & 0 deletions tests/sqllab_tests.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,9 @@ def test_sql_json_has_access(self):
main_db_permission_view = (
db.session.query(ab_models.PermissionView)
.join(ab_models.ViewMenu)
.join(ab_models.Permission)
.filter(ab_models.ViewMenu.name == '[main].(id:1)')
.filter(ab_models.Permission.name == 'database_access')
.first()
)
astronaut = sm.add_role("Astronaut")
Expand Down