You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by ru...@apache.org on 2020/09/22 01:17:25 UTC
[incubator-superset-site] 04/42: Latest docs
This is an automated email from the ASF dual-hosted git repository.
rusackas pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/incubator-superset-site.git
commit 4603d6101309d670b3c9318b9ebedff5f62bbad2
Author: Maxime Beauchemin <ma...@apache.org>
AuthorDate: Wed Sep 27 09:26:23 2017 -0700
Latest docs
---
_sources/faq.txt | 14 ++++++-
_sources/installation.txt | 93 +++++++++++++++++++++++++++++++++++++++++++----
_sources/security.txt | 5 ++-
faq.html | 11 ++++++
index.html | 5 +++
installation.html | 89 +++++++++++++++++++++++++++++++++++++++++----
searchindex.js | 2 +-
security.html | 5 ++-
sql | 13 +++++++
9 files changed, 215 insertions(+), 22 deletions(-)
diff --git a/_sources/faq.txt b/_sources/faq.txt
index d06c6c9..82280ed 100644
--- a/_sources/faq.txt
+++ b/_sources/faq.txt
@@ -173,7 +173,7 @@ different sections of the code do:
https://github.com/airbnb/superset/pull/3013
What database engine can I use as a backend for Superset?
---------------------------------------------------------
+---------------------------------------------------------
To clarify, the *database backend* is an OLTP database used by Superset to store its internal
information like your list of users, slices and dashboard definitions.
@@ -184,3 +184,15 @@ install Superset on one of these database server for production.
Using a column-store, non-OLTP databases like Vertica, Redshift or Presto as a database backend simply won't work as these databases are not designed for this type of workload. Installation on Oracle, Microsoft SQL Server, or other OLTP databases may work but isn't tested.
Please note that pretty much any databases that have a SqlAlchemy integration should work perfectly fine as a datasource for Superset, just not as the OLTP backend.
+
+How can i configure OAuth authentication and authorization?
+-----------------------------------------------------------
+
+You can take a look at this Flask-AppBuilder `configuration example
+<https://github.com/dpgaspar/Flask-AppBuilder/blob/master/examples/oauth/config.py>`_.
+
+How can I set a default filter on my dashboard?
+-----------------------------------------------
+
+Easy. Simply apply the filter and save the dashboard while the filter
+is active.
diff --git a/_sources/installation.txt b/_sources/installation.txt
index e04bd68..76f9c00 100644
--- a/_sources/installation.txt
+++ b/_sources/installation.txt
@@ -8,6 +8,32 @@ Superset is tested against Python ``2.7`` and Python ``3.4``.
Airbnb currently uses 2.7.* in production. We do not plan on supporting
Python ``2.6``.
+Cloud-native!
+-------------
+
+Superset is designed to be highly available. It is
+"cloud-native" as it has been designed scale out in large,
+distributed environments, and works well inside containers.
+While you can easily
+test drive Superset on a modest setup or simply on your laptop,
+there's virtually no limit around scaling out the platform.
+Superset is also cloud-native in the sense that it is
+flexible and lets you choose your web server (Gunicorn, Nginx, Apache),
+your metadata database engine (MySQL, Postgres, MariaDB, ...),
+your message queue (Redis, RabbitMQ, SQS, ...),
+your results backend (S3, Redis, Memcached, ...), your caching layer
+(memcached, Redis, ...), works well with services like NewRelic, StatsD and
+DataDog, and has the ability to run analytic workloads against
+most popular database technologies.
+
+Superset is battle tested in large environments with hundreds
+of concurrent users. Airbnb's production environment runs inside
+Kubernetes and serves 600+ daily active users viewing over 100K charts a
+day.
+
+The Superset web server and the Superset Celery workers (optional)
+are stateless, so you can scale out by running on as many servers
+as needed.
OS dependencies
---------------
@@ -107,10 +133,40 @@ the credential you entered while creating the admin account, and navigate to
your datasources for Superset to be aware of, and they should show up in
`Menu -> Datasources`, from where you can start playing with your data!
-Please note that *gunicorn*, Superset default application server, does not
-work on Windows so you need to use the development web server.
-The development web server though is not intended to be used on production systems
-so better use a supported platform that can run *gunicorn*.
+A proper WSGI HTTP Server
+-------------------------
+
+While you can setup Superset to run on Nginx or Apache, many use
+Gunicorn, preferably in **async mode**, which allows for impressive
+concurrency even and is fairly easy to install and configure. Please
+refer to the
+documentation of your preferred technology to set up this Flask WSGI
+application in a way that works well in your environment.
+
+While the `superset runserver` command act as an quick wrapper
+around `gunicorn`, it doesn't expose all the options you may need,
+so you'll want to craft your own `gunicorn` command in your production
+environment. Here's an **async** setup known to work well: ::
+
+ gunicorn \
+ -w 10 \
+ -k gevent \
+ --timeout 120 \
+ -b 0.0.0.0:6666 \
+ --limit-request-line 0 \
+ --limit-request-field_size 0 \
+ --statsd-host localhost:8125 \
+ superset:app
+
+Refer to the
+[Gunicorn documentation](http://docs.gunicorn.org/en/stable/design.html)
+for more information.
+
+Note that *gunicorn* does not
+work on Windows so the `superser runserver` command is not expected to work
+in that context. Also note that the development web
+server (`superset runserver -d`) is not intended for production use.
+
Configuration behind a load balancer
------------------------------------
@@ -157,6 +213,8 @@ of the parameters you can copy / paste in that configuration module: ::
# Flask-WTF flag for CSRF
WTF_CSRF_ENABLED = True
+ # Add endpoints that need to be exempt from CSRF protection
+ WTF_CSRF_EXEMPT_LIST = []
# Set this API key to enable Mapbox visualizations
MAPBOX_API_KEY = ''
@@ -172,6 +230,11 @@ Please make sure to change:
* *SQLALCHEMY_DATABASE_URI*, by default it is stored at *~/.superset/superset.db*
* *SECRET_KEY*, to a long random string
+In case you need to exempt endpoints from CSRF, e.g. you are running a custom
+auth postback endpoint, you can add them to *WTF_CSRF_EXEMPT_LIST*
+
+ WTF_CSRF_EXEMPT_LIST = ['']
+
Database dependencies
---------------------
@@ -223,10 +286,6 @@ database you want to connect to should get you to the right place.
(AWS) Athena
------------
-This currently relies on an unreleased future version of `PyAthenaJDBC <https://github.com/laughingman7743/PyAthenaJDBC>`_. If you're adventurous or simply impatient, you can install directly from git: ::
-
- pip install git+https://github.com/laughingman7743/PyAthenaJDBC@support_sqlalchemy
-
The connection string for Athena looks like this ::
awsathena+jdbc://{aws_access_key_id}:{aws_secret_access_key}@athena.{region_name}.amazonaws.com/{schema_name}?s3_staging_dir={s3_staging_dir}&...
@@ -284,6 +343,24 @@ on top of the **database**. For Superset to connect to a specific schema,
there's a **schema** parameter you can set in the table form.
+External Password store for SQLAlchemy connections
+--------------------------------------------------
+It is possible to use an external store for you database passwords. This is
+useful if you a running a custom secret distribution framework and do not wish
+to store secrets in Superset's meta database.
+
+Example:
+Write a function that takes a single argument of type ``sqla.engine.url`` and returns
+the password for the given connection string. Then set ``SQLALCHEMY_CUSTOM_PASSWORD_STORE``
+in your config file to point to that function. ::
+
+ def example_lookup_password(url):
+ secret = <<get password from external framework>>
+ return 'secret'
+
+ SQLALCHEMY_CUSTOM_PASSWORD_STORE = example_lookup_password
+
+
SSL Access to databases
-----------------------
This example worked with a MySQL database that requires SSL. The configuration
diff --git a/_sources/security.txt b/_sources/security.txt
index b5d5b63..afc00cb 100644
--- a/_sources/security.txt
+++ b/_sources/security.txt
@@ -3,7 +3,8 @@ Security
Security in Superset is handled by Flask AppBuilder (FAB). FAB is a
"Simple and rapid application development framework, built on top of Flask.".
FAB provides authentication, user management, permissions and roles.
-
+Please read its `Security documentation
+<http://flask-appbuilder.readthedocs.io/en/latest/security.html>`_.
Provided Roles
--------------
@@ -35,7 +36,7 @@ own. Alpha users can add and alter data sources.
Gamma
"""""
Gamma have limited access. They can only consume data coming from data sources
-they have been giving access to through another complementary role.
+they have been given access to through another complementary role.
They only have access to view the slices and
dashboards made from data sources that they have access to. Currently Gamma
users are not able to alter or add data sources. We assume that they are
diff --git a/faq.html b/faq.html
index dcad373..1c2f37a 100644
--- a/faq.html
+++ b/faq.html
@@ -100,6 +100,8 @@
<li class="toctree-l2"><a class="reference internal" href="#how-do-i-add-new-columns-to-an-existing-table">How do I add new columns to an existing table</a></li>
<li class="toctree-l2"><a class="reference internal" href="#how-do-i-go-about-developing-a-new-visualization-type">How do I go about developing a new visualization type?</a></li>
<li class="toctree-l2"><a class="reference internal" href="#what-database-engine-can-i-use-as-a-backend-for-superset">What database engine can I use as a backend for Superset?</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#how-can-i-configure-oauth-authentication-and-authorization">How can i configure OAuth authentication and authorization?</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#how-can-i-set-a-default-filter-on-my-dashboard">How can I set a default filter on my dashboard?</a></li>
</ul>
</li>
</ul>
@@ -291,6 +293,15 @@ install Superset on one of these database server for production.</p>
<p>Using a column-store, non-OLTP databases like Vertica, Redshift or Presto as a database backend simply won’t work as these databases are not designed for this type of workload. Installation on Oracle, Microsoft SQL Server, or other OLTP databases may work but isn’t tested.</p>
<p>Please note that pretty much any databases that have a SqlAlchemy integration should work perfectly fine as a datasource for Superset, just not as the OLTP backend.</p>
</div>
+<div class="section" id="how-can-i-configure-oauth-authentication-and-authorization">
+<h2>How can i configure OAuth authentication and authorization?<a class="headerlink" href="#how-can-i-configure-oauth-authentication-and-authorization" title="Permalink to this headline">¶</a></h2>
+<p>You can take a look at this Flask-AppBuilder <a class="reference external" href="https://github.com/dpgaspar/Flask-AppBuilder/blob/master/examples/oauth/config.py">configuration example</a>.</p>
+</div>
+<div class="section" id="how-can-i-set-a-default-filter-on-my-dashboard">
+<h2>How can I set a default filter on my dashboard?<a class="headerlink" href="#how-can-i-set-a-default-filter-on-my-dashboard" title="Permalink to this headline">¶</a></h2>
+<p>Easy. Simply apply the filter and save the dashboard while the filter
+is active.</p>
+</div>
</div>
diff --git a/index.html b/index.html
index 4039fea..30ea732 100644
--- a/index.html
+++ b/index.html
@@ -188,10 +188,12 @@ to the user</li>
<ul>
<li class="toctree-l1"><a class="reference internal" href="installation.html">Installation & Configuration</a><ul>
<li class="toctree-l2"><a class="reference internal" href="installation.html#getting-started">Getting Started</a></li>
+<li class="toctree-l2"><a class="reference internal" href="installation.html#cloud-native">Cloud-native!</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#os-dependencies">OS dependencies</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#python-virtualenv">Python virtualenv</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#python-s-setup-tools-and-pip">Python’s setup tools and pip</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#superset-installation-and-initialization">Superset installation and initialization</a></li>
+<li class="toctree-l2"><a class="reference internal" href="installation.html#a-proper-wsgi-http-server">A proper WSGI HTTP Server</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#configuration-behind-a-load-balancer">Configuration behind a load balancer</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#configuration">Configuration</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#database-dependencies">Database dependencies</a></li>
@@ -199,6 +201,7 @@ to the user</li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#caching">Caching</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#deeper-sqlalchemy-integration">Deeper SQLAlchemy integration</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#schemas-postgres-redshift">Schemas (Postgres & Redshift)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="installation.html#external-password-store-for-sqlalchemy-connections">External Password store for SQLAlchemy connections</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#ssl-access-to-databases">SSL Access to databases</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#druid">Druid</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation.html#cors">CORS</a></li>
@@ -262,6 +265,8 @@ to the user</li>
<li class="toctree-l2"><a class="reference internal" href="faq.html#how-do-i-add-new-columns-to-an-existing-table">How do I add new columns to an existing table</a></li>
<li class="toctree-l2"><a class="reference internal" href="faq.html#how-do-i-go-about-developing-a-new-visualization-type">How do I go about developing a new visualization type?</a></li>
<li class="toctree-l2"><a class="reference internal" href="faq.html#what-database-engine-can-i-use-as-a-backend-for-superset">What database engine can I use as a backend for Superset?</a></li>
+<li class="toctree-l2"><a class="reference internal" href="faq.html#how-can-i-configure-oauth-authentication-and-authorization">How can i configure OAuth authentication and authorization?</a></li>
+<li class="toctree-l2"><a class="reference internal" href="faq.html#how-can-i-set-a-default-filter-on-my-dashboard">How can I set a default filter on my dashboard?</a></li>
</ul>
</li>
</ul>
diff --git a/installation.html b/installation.html
index a99f2c4..87af66f 100644
--- a/installation.html
+++ b/installation.html
@@ -83,10 +83,12 @@
<ul class="current">
<li class="toctree-l1 current"><a class="current reference internal" href="#">Installation & Configuration</a><ul>
<li class="toctree-l2"><a class="reference internal" href="#getting-started">Getting Started</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#cloud-native">Cloud-native!</a></li>
<li class="toctree-l2"><a class="reference internal" href="#os-dependencies">OS dependencies</a></li>
<li class="toctree-l2"><a class="reference internal" href="#python-virtualenv">Python virtualenv</a></li>
<li class="toctree-l2"><a class="reference internal" href="#python-s-setup-tools-and-pip">Python’s setup tools and pip</a></li>
<li class="toctree-l2"><a class="reference internal" href="#superset-installation-and-initialization">Superset installation and initialization</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#a-proper-wsgi-http-server">A proper WSGI HTTP Server</a></li>
<li class="toctree-l2"><a class="reference internal" href="#configuration-behind-a-load-balancer">Configuration behind a load balancer</a></li>
<li class="toctree-l2"><a class="reference internal" href="#configuration">Configuration</a></li>
<li class="toctree-l2"><a class="reference internal" href="#database-dependencies">Database dependencies</a></li>
@@ -94,6 +96,7 @@
<li class="toctree-l2"><a class="reference internal" href="#caching">Caching</a></li>
<li class="toctree-l2"><a class="reference internal" href="#deeper-sqlalchemy-integration">Deeper SQLAlchemy integration</a></li>
<li class="toctree-l2"><a class="reference internal" href="#schemas-postgres-redshift">Schemas (Postgres & Redshift)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#external-password-store-for-sqlalchemy-connections">External Password store for SQLAlchemy connections</a></li>
<li class="toctree-l2"><a class="reference internal" href="#ssl-access-to-databases">SSL Access to databases</a></li>
<li class="toctree-l2"><a class="reference internal" href="#druid">Druid</a></li>
<li class="toctree-l2"><a class="reference internal" href="#cors">CORS</a></li>
@@ -162,6 +165,30 @@
Airbnb currently uses 2.7.* in production. We do not plan on supporting
Python <code class="docutils literal"><span class="pre">2.6</span></code>.</p>
</div>
+<div class="section" id="cloud-native">
+<h2>Cloud-native!<a class="headerlink" href="#cloud-native" title="Permalink to this headline">¶</a></h2>
+<p>Superset is designed to be highly available. It is
+“cloud-native” as it has been designed scale out in large,
+distributed environments, and works well inside containers.
+While you can easily
+test drive Superset on a modest setup or simply on your laptop,
+there’s virtually no limit around scaling out the platform.
+Superset is also cloud-native in the sense that it is
+flexible and lets you choose your web server (Gunicorn, Nginx, Apache),
+your metadata database engine (MySQL, Postgres, MariaDB, ...),
+your message queue (Redis, RabbitMQ, SQS, ...),
+your results backend (S3, Redis, Memcached, ...), your caching layer
+(memcached, Redis, ...), works well with services like NewRelic, StatsD and
+DataDog, and has the ability to run analytic workloads against
+most popular database technologies.</p>
+<p>Superset is battle tested in large environments with hundreds
+of concurrent users. Airbnb’s production environment runs inside
+Kubernetes and serves 600+ daily active users viewing over 100K charts a
+day.</p>
+<p>The Superset web server and the Superset Celery workers (optional)
+are stateless, so you can scale out by running on as many servers
+as needed.</p>
+</div>
<div class="section" id="os-dependencies">
<h2>OS dependencies<a class="headerlink" href="#os-dependencies" title="Permalink to this headline">¶</a></h2>
<p>Superset stores database connection information in its metadata database.
@@ -256,10 +283,37 @@ the credential you entered while creating the admin account, and navigate to
<cite>Menu -> Admin -> Refresh Metadata</cite>. This action should bring in all of
your datasources for Superset to be aware of, and they should show up in
<cite>Menu -> Datasources</cite>, from where you can start playing with your data!</p>
-<p>Please note that <em>gunicorn</em>, Superset default application server, does not
-work on Windows so you need to use the development web server.
-The development web server though is not intended to be used on production systems
-so better use a supported platform that can run <em>gunicorn</em>.</p>
+</div>
+<div class="section" id="a-proper-wsgi-http-server">
+<h2>A proper WSGI HTTP Server<a class="headerlink" href="#a-proper-wsgi-http-server" title="Permalink to this headline">¶</a></h2>
+<p>While you can setup Superset to run on Nginx or Apache, many use
+Gunicorn, preferably in <strong>async mode</strong>, which allows for impressive
+concurrency even and is fairly easy to install and configure. Please
+refer to the
+documentation of your preferred technology to set up this Flask WSGI
+application in a way that works well in your environment.</p>
+<p>While the <cite>superset runserver</cite> command act as an quick wrapper
+around <cite>gunicorn</cite>, it doesn’t expose all the options you may need,
+so you’ll want to craft your own <cite>gunicorn</cite> command in your production
+environment. Here’s an <strong>async</strong> setup known to work well:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">gunicorn</span> \
+ <span class="o">-</span><span class="n">w</span> <span class="mi">10</span> \
+ <span class="o">-</span><span class="n">k</span> <span class="n">gevent</span> \
+ <span class="o">--</span><span class="n">timeout</span> <span class="mi">120</span> \
+ <span class="o">-</span><span class="n">b</span> <span class="mf">0.0</span><span class="o">.</span><span class="mf">0.0</span><span class="p">:</span><span class="mi">6666</span> \
+ <span class="o">--</span><span class="n">limit</span><span class="o">-</span><span class="n">request</span><span class="o">-</span><span class="n">line</span> <span class="mi">0</span> \
+ <span class="o">--</span><span class="n">limit</span><span class="o">-</span><span class="n">request</span><span class="o">-</span><span class="n">field_size</span> <span class="mi">0</span> \
+ <span class="o">--</span><span class="n">statsd</span><span class="o">-</span><span class="n">host</span> <span class="n">localhost</span><span class="p">:</span><span class="mi">8125</span> \
+ <span class="n">superset</span><span class="p">:</span><span class="n">app</span>
+</pre></div>
+</div>
+<p>Refer to the
+[Gunicorn documentation](<a class="reference external" href="http://docs.gunicorn.org/en/stable/design.html">http://docs.gunicorn.org/en/stable/design.html</a>)
+for more information.</p>
+<p>Note that <em>gunicorn</em> does not
+work on Windows so the <cite>superser runserver</cite> command is not expected to work
+in that context. Also note that the development web
+server (<cite>superset runserver -d</cite>) is not intended for production use.</p>
</div>
<div class="section" id="configuration-behind-a-load-balancer">
<h2>Configuration behind a load balancer<a class="headerlink" href="#configuration-behind-a-load-balancer" title="Permalink to this headline">¶</a></h2>
@@ -301,6 +355,8 @@ of the parameters you can copy / paste in that configuration module:</p>
<span class="c1"># Flask-WTF flag for CSRF</span>
<span class="n">WTF_CSRF_ENABLED</span> <span class="o">=</span> <span class="kc">True</span>
+<span class="c1"># Add endpoints that need to be exempt from CSRF protection</span>
+<span class="n">WTF_CSRF_EXEMPT_LIST</span> <span class="o">=</span> <span class="p">[]</span>
<span class="c1"># Set this API key to enable Mapbox visualizations</span>
<span class="n">MAPBOX_API_KEY</span> <span class="o">=</span> <span class="s1">''</span>
@@ -315,6 +371,10 @@ for more information on how to configure Superset.</p>
<li><em>SQLALCHEMY_DATABASE_URI</em>, by default it is stored at <em>~/.superset/superset.db</em></li>
<li><em>SECRET_KEY</em>, to a long random string</li>
</ul>
+<p>In case you need to exempt endpoints from CSRF, e.g. you are running a custom
+auth postback endpoint, you can add them to <em>WTF_CSRF_EXEMPT_LIST</em></p>
+<blockquote>
+<div>WTF_CSRF_EXEMPT_LIST = [‘’]</div></blockquote>
</div>
<div class="section" id="database-dependencies">
<h2>Database dependencies<a class="headerlink" href="#database-dependencies" title="Permalink to this headline">¶</a></h2>
@@ -400,10 +460,6 @@ database you want to connect to should get you to the right place.</p>
</div>
<div class="section" id="aws-athena">
<h2>(AWS) Athena<a class="headerlink" href="#aws-athena" title="Permalink to this headline">¶</a></h2>
-<p>This currently relies on an unreleased future version of <a class="reference external" href="https://github.com/laughingman7743/PyAthenaJDBC">PyAthenaJDBC</a>. If you’re adventurous or simply impatient, you can install directly from git:</p>
-<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">pip</span> <span class="n">install</span> <span class="n">git</span><span class="o">+</span><span class="n">https</span><span class="p">:</span><span class="o">//</span><span class="n">github</span><span class="o">.</span><span class="n">com</span><span class="o">/</span><span class="n">laughingman7743</span><span class="o">/</span><span class="n">PyAthenaJDBC</span><span class="nd">@support_sqlalchem [...]
-</pre></div>
-</div>
<p>The connection string for Athena looks like this</p>
<div class="highlight-default"><div class="highlight"><pre><span></span>awsathena+jdbc://{aws_access_key_id}:{aws_secret_access_key}@athena.{region_name}.amazonaws.com/{schema_name}?s3_staging_dir={s3_staging_dir}&...
</pre></div>
@@ -451,6 +507,23 @@ use the concept of <strong>schema</strong> as a logical entity
on top of the <strong>database</strong>. For Superset to connect to a specific schema,
there’s a <strong>schema</strong> parameter you can set in the table form.</p>
</div>
+<div class="section" id="external-password-store-for-sqlalchemy-connections">
+<h2>External Password store for SQLAlchemy connections<a class="headerlink" href="#external-password-store-for-sqlalchemy-connections" title="Permalink to this headline">¶</a></h2>
+<p>It is possible to use an external store for you database passwords. This is
+useful if you a running a custom secret distribution framework and do not wish
+to store secrets in Superset’s meta database.</p>
+<p>Example:
+Write a function that takes a single argument of type <code class="docutils literal"><span class="pre">sqla.engine.url</span></code> and returns
+the password for the given connection string. Then set <code class="docutils literal"><span class="pre">SQLALCHEMY_CUSTOM_PASSWORD_STORE</span></code>
+in your config file to point to that function.</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="k">def</span> <span class="nf">example_lookup_password</span><span class="p">(</span><span class="n">url</span><span class="p">):</span>
+ <span class="n">secret</span> <span class="o">=</span> <span class="o"><<</span><span class="n">get</span> <span class="n">password</span> <span class="kn">from</span> <span class="nn">external</span> <span class="n">framework</span><span class="o">>></span>
+ <span class="k">return</span> <span class="s1">'secret'</span>
+
+<span class="n">SQLALCHEMY_CUSTOM_PASSWORD_STORE</span> <span class="o">=</span> <span class="n">example_lookup_password</span>
+</pre></div>
+</div>
+</div>
<div class="section" id="ssl-access-to-databases">
<h2>SSL Access to databases<a class="headerlink" href="#ssl-access-to-databases" title="Permalink to this headline">¶</a></h2>
<p>This example worked with a MySQL database that requires SSL. The configuration
diff --git a/searchindex.js b/searchindex.js
index b6a6cbe..829b17e 100644
--- a/searchindex.js
+++ b/searchindex.js
@@ -1 +1 @@
-Search.setIndex({envversion:49,filenames:["druid","faq","gallery","index","installation","security","sqllab","tutorial","videos","visualization"],objects:{"superset.jinja_context":{PrestoTemplateProcessor:[6,0,1,""],url_param:[6,1,1,""]}},objnames:{"0":["py","class","Python class"],"1":["py","function","Python function"]},objtypes:{"0":"py:class","1":"py:function"},terms:{"1thisismyscretkei":4,"37k":7,"3aclose":1,"3aexampl":1,"\u00e1lava":9,"\u00e1vila":9,"a\u00eft":9,"abstract":1,"almer [...]
\ No newline at end of file
+Search.setIndex({envversion:49,filenames:["druid","faq","gallery","index","installation","security","sqllab","tutorial","videos","visualization"],objects:{"superset.jinja_context":{PrestoTemplateProcessor:[6,0,1,""],url_param:[6,1,1,""]}},objnames:{"0":["py","class","Python class"],"1":["py","function","Python function"]},objtypes:{"0":"py:class","1":"py:function"},terms:{"100k":4,"1thisismyscretkei":4,"37k":7,"3aclose":1,"3aexampl":1,"\u00e1lava":9,"\u00e1vila":9,"a\u00eft":9,"abstract" [...]
\ No newline at end of file
diff --git a/security.html b/security.html
index 11b98c6..9de7901 100644
--- a/security.html
+++ b/security.html
@@ -153,7 +153,8 @@
<h1>Security<a class="headerlink" href="#security" title="Permalink to this headline">¶</a></h1>
<p>Security in Superset is handled by Flask AppBuilder (FAB). FAB is a
“Simple and rapid application development framework, built on top of Flask.”.
-FAB provides authentication, user management, permissions and roles.</p>
+FAB provides authentication, user management, permissions and roles.
+Please read its <a class="reference external" href="http://flask-appbuilder.readthedocs.io/en/latest/security.html">Security documentation</a>.</p>
<div class="section" id="provided-roles">
<h2>Provided Roles<a class="headerlink" href="#provided-roles" title="Permalink to this headline">¶</a></h2>
<p>Superset ships with a set of roles that are handled by Superset itself.
@@ -182,7 +183,7 @@ own. Alpha users can add and alter data sources.</p>
<div class="section" id="gamma">
<h3>Gamma<a class="headerlink" href="#gamma" title="Permalink to this headline">¶</a></h3>
<p>Gamma have limited access. They can only consume data coming from data sources
-they have been giving access to through another complementary role.
+they have been given access to through another complementary role.
They only have access to view the slices and
dashboards made from data sources that they have access to. Currently Gamma
users are not able to alter or add data sources. We assume that they are
diff --git a/sql b/sql
new file mode 100644
index 0000000..6a8a2fa
--- /dev/null
+++ b/sql
@@ -0,0 +1,13 @@
+set hive.exec.dynamic.partition.mode=nonstrict;
+INSERT OVERWRITE TABLE db_exports.superset_logs_v01 PARTITION (ds)
+SELECT id, action, user_id,
+ json,
+ dttm,
+ dashboard_id,
+ slice_id,
+ dt,
+ duration_ms,
+ referrer,
+ ds
+FROM db_exports.panoramix_prod_logs_v01
+WHERE ds >= '2017-08-01' aND ds <= '2017-08-10';