You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2021/07/17 04:38:52 UTC

[GitHub] [superset] john-bodley commented on a change in pull request #15636: refactor: Move is_user_admin() to security_manager

john-bodley commented on a change in pull request #15636:
URL: https://github.com/apache/superset/pull/15636#discussion_r671608092



##########
File path: superset/security/manager.py
##########
@@ -1206,3 +1205,16 @@ def can_access_based_on_dashboard(datasource: "BaseDatasource") -> bool:
 
         exists = db.session.query(query.exists()).scalar()
         return exists
+
+    def is_user_admin(self) -> bool:
+        if g.user.is_anonymous:
+            from superset import conf
+
+            public_role = conf.get("AUTH_ROLE_PUBLIC")
+            user_roles = [self.find_role(public_role)] if public_role else []
+        else:
+            user_roles = g.user.roles
+
+        user_roles = [role.name.lower() for role in user_roles]
+
+        return "admin" in user_roles

Review comment:
       ```suggestion
   ```

##########
File path: superset/security/manager.py
##########
@@ -1206,3 +1205,16 @@ def can_access_based_on_dashboard(datasource: "BaseDatasource") -> bool:
 
         exists = db.session.query(query.exists()).scalar()
         return exists
+
+    def is_user_admin(self) -> bool:
+        if g.user.is_anonymous:
+            from superset import conf

Review comment:
       I know that this pattern is used elsewhere in this file, but `current_app.config.get(...)` seems more Flask like.

##########
File path: superset/security/manager.py
##########
@@ -1206,3 +1205,16 @@ def can_access_based_on_dashboard(datasource: "BaseDatasource") -> bool:
 
         exists = db.session.query(query.exists()).scalar()
         return exists
+
+    def is_user_admin(self) -> bool:
+        if g.user.is_anonymous:
+            from superset import conf
+
+            public_role = conf.get("AUTH_ROLE_PUBLIC")
+            user_roles = [self.find_role(public_role)] if public_role else []
+        else:
+            user_roles = g.user.roles
+
+        user_roles = [role.name.lower() for role in user_roles]

Review comment:
       ```suggestion
           return "admin" in [role.name.lower() for role in user_roles]
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org