You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by su...@apache.org on 2021/12/11 10:40:42 UTC
[superset] branch guest-token-authz updated (048d4b2 -> 52c453b)
This is an automated email from the ASF dual-hosted git repository.
suddjian pushed a change to branch guest-token-authz
in repository https://gitbox.apache.org/repos/asf/superset.git.
from 048d4b2 guest token dashboard authz
new 07a78b2 adjust csrf exempt list
new 52c453b eums don't work that way
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
superset/config.py | 6 +++++-
superset/dashboards/filters.py | 2 +-
2 files changed, 6 insertions(+), 2 deletions(-)
[superset] 02/02: eums don't work that way
Posted by su...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
suddjian pushed a commit to branch guest-token-authz
in repository https://gitbox.apache.org/repos/asf/superset.git
commit 52c453bad27b6ffc5cbee6dd9d8acf7ae0771362
Author: David Aaron Suddjian <aa...@gmail.com>
AuthorDate: Sat Dec 11 02:35:35 2021 -0800
eums don't work that way
---
superset/dashboards/filters.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/superset/dashboards/filters.py b/superset/dashboards/filters.py
index 3d49978..e398af9 100644
--- a/superset/dashboards/filters.py
+++ b/superset/dashboards/filters.py
@@ -137,7 +137,7 @@ class DashboardAccessFilter(BaseFilter): # pylint: disable=too-few-public-metho
embedded_dashboard_ids = [
r["id"]
for r in guest_user.resources
- if r["type"] == GuestTokenResourceType.DASHBOARD
+ if r["type"] == GuestTokenResourceType.DASHBOARD.value
]
if len(embedded_dashboard_ids) != 0:
feature_flagged_filters.append(Dashboard.id.in_(embedded_dashboard_ids))
[superset] 01/02: adjust csrf exempt list
Posted by su...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
suddjian pushed a commit to branch guest-token-authz
in repository https://gitbox.apache.org/repos/asf/superset.git
commit 07a78b232c10958840267a518c692ba4602024e9
Author: David Aaron Suddjian <aa...@gmail.com>
AuthorDate: Sat Dec 11 02:35:24 2021 -0800
adjust csrf exempt list
---
superset/config.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/superset/config.py b/superset/config.py
index 2ff2f1a..f7a5bc5 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -191,7 +191,11 @@ QUERY_SEARCH_LIMIT = 1000
WTF_CSRF_ENABLED = True
# Add endpoints that need to be exempt from CSRF protection
-WTF_CSRF_EXEMPT_LIST = ["superset.views.core.log", "superset.charts.data.api.data"]
+WTF_CSRF_EXEMPT_LIST = [
+ "superset.views.core.log",
+ "superset.views.core.explore_json",
+ "superset.charts.data.api.data",
+]
# Whether to run the web server in debug mode or not
DEBUG = os.environ.get("FLASK_ENV") == "development"