Moving the custom_password_store out of Database class (apache#4182)

wenchma · Jan 9, 2018 · 7882f5d · 7882f5d
1 parent 09404da
commit 7882f5d
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/superset/models/core.py b/superset/models/core.py
@@ -41,6 +41,7 @@
 from urllib import parse  # noqa
 
 config = app.config
+custom_password_store = config.get('SQLALCHEMY_CUSTOM_PASSWORD_STORE')
 stats_logger = config.get('STATS_LOGGER')
 metadata = Model.metadata  # pylint: disable=no-member
 
@@ -567,7 +568,7 @@ class Database(Model, AuditMixinNullable, ImportMixin):
     }
     """))
     perm = Column(String(1000))
-    custom_password_store = config.get('SQLALCHEMY_CUSTOM_PASSWORD_STORE')
+
     impersonate_user = Column(Boolean, default=False)
     export_fields = ('database_name', 'sqlalchemy_uri', 'cache_timeout',
                      'expose_in_sqllab', 'allow_run_sync', 'allow_run_async',
@@ -611,7 +612,7 @@ def get_password_masked_url(cls, url):
 
     def set_sqlalchemy_uri(self, uri):
         conn = sqla.engine.url.make_url(uri.strip())
-        if conn.password != PASSWORD_MASK and not self.custom_password_store:
+        if conn.password != PASSWORD_MASK and not custom_password_store:
             # do not over-write the password with the password mask
             self.password = conn.password
         conn.password = PASSWORD_MASK if conn.password else None
@@ -803,8 +804,8 @@ def get_foreign_keys(self, table_name, schema=None):
     @property
     def sqlalchemy_uri_decrypted(self):
         conn = sqla.engine.url.make_url(self.sqlalchemy_uri)
-        if self.custom_password_store:
-            conn.password = self.custom_password_store(conn)
+        if custom_password_store:
+            conn.password = custom_password_store(conn)
         else:
             conn.password = self.password
         return str(conn)

diff --git a/tests/core_tests.py b/tests/core_tests.py
@@ -315,11 +315,13 @@ def test_custom_password_store(self):
         def custom_password_store(uri):
             return 'password_store_test'
 
-        database.custom_password_store = custom_password_store
+        models.custom_password_store = custom_password_store
         conn = sqla.engine.url.make_url(database.sqlalchemy_uri_decrypted)
         if conn_pre.password:
             assert conn.password == 'password_store_test'
             assert conn.password != conn_pre.password
+        # Disable for password store for later tests
+        models.custom_password_store = None
 
     def test_databaseview_edit(self, username='admin'):
         # validate that sending a password-masked uri does not over-write the decrypted