You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2022/03/17 18:37:08 UTC
[GitHub] [superset] lilykuang opened a new pull request #19242: fix: allow subquery in ad-hoc SQL
lilykuang opened a new pull request #19242:
URL: https://github.com/apache/superset/pull/19242
<!---
Please write the PR title following the conventions at https://www.conventionalcommits.org/en/v1.0.0/
Example:
fix(dashboard): load charts correctly
-->
### SUMMARY
<!--- Describe the change below, including rationale and design decisions -->
RLS only works for basic case. The chart/data api allows several controls (ad-hoc metrics, ad-hoc filters) where users can write any SQL in these fields, including subqueries. Any subqueries, or nested subqueries, do not currently have RLS rules applied to them and thus can leak data users shouldn’t have access to.
This PR allows most of ad-hoc sql but reject adhoc contains subqueries or nested subqueries. It is using helper #19055. The feature flag `ALLOW_ADHOC_SUBQUERY` is set to True by default to maintain the current workflow.
We will have a follow up implementation to add RLS rules to subqueries and nested subqueries.
### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
<!--- Skip this if not applicable -->
### TESTING INSTRUCTIONS
<!--- Required! What steps can be taken to manually verify the changes? -->
### ADDITIONAL INFORMATION
<!--- Check any relevant boxes with "x" -->
<!--- HINT: Include "Fixes #nnn" if you are fixing an existing issue -->
- [ ] Has associated issue:
- [ ] Required feature flags:
- [ ] Changes UI
- [ ] Includes DB Migration (follow approval process in [SIP-59](https://github.com/apache/superset/issues/13351))
- [ ] Migration is atomic, supports rollback & is backwards-compatible
- [ ] Confirm DB migration upgrade and downgrade tested
- [ ] Runtime estimates and downtime expectations provided
- [ ] Introduces new feature or API
- [ ] Removes existing feature or API
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (c36a206) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **increase** coverage by `0.00%`.
> The diff coverage is `76.47%`.
> :exclamation: Current head c36a206 differs from pull request most recent head 6633f7f. Consider uploading reports for the commit 6633f7f to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
=======================================
Coverage 66.76% 66.76%
=======================================
Files 1670 1670
Lines 64392 64406 +14
Branches 6499 6499
=======================================
+ Hits 42991 43001 +10
- Misses 19718 19722 +4
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.53% <70.58%> (+<0.01%)` | :arrow_up: |
| mysql | `81.96% <76.47%> (-0.01%)` | :arrow_down: |
| postgres | `82.01% <76.47%> (-0.01%)` | :arrow_down: |
| presto | `52.38% <70.58%> (+<0.01%)` | :arrow_up: |
| python | `82.43% <76.47%> (-0.01%)` | :arrow_down: |
| sqlite | `81.76% <76.47%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `86.66% <60.00%> (-5.50%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `90.15% <100.00%> (+0.03%)` | :arrow_up: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...6633f7f](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] betodealmeida commented on a change in pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
betodealmeida commented on a change in pull request #19242:
URL: https://github.com/apache/superset/pull/19242#discussion_r829600607
##########
File path: superset/connectors/sqla/models.py
##########
@@ -1165,7 +1169,7 @@ def get_sqla_query( # pylint: disable=too-many-arguments,too-many-locals,too-ma
# if groupby field equals a selected column
elif selected in columns_by_name:
outer = columns_by_name[selected].get_sqla_col()
- else:
+ elif validate_adhoc_subquery(selected):
Review comment:
Same here:
```suggestion
else:
validate_adhoc_subquery(selected)
```
##########
File path: superset/connectors/sqla/utils.py
##########
@@ -119,3 +120,29 @@ def get_virtual_table_metadata(dataset: "SqlaTable") -> List[Dict[str, str]]:
except Exception as ex:
raise SupersetGenericDBErrorException(message=str(ex)) from ex
return cols
+
+
+def validate_adhoc_subquery(raw_sql: str) -> bool:
+ """
+ check adhoc SQL contains sub-queries or nested sub-queries with table
+ :param raw_sql: adhoc sql expression
+ :return True if sql contains no sub-queries or nested sub-queries with table
+ :raise SupersetSecurityException if sql contains sub-queries or
+ nested sub-queries with table
+ """
+ # pylint: disable=import-outside-toplevel
+ from superset import is_feature_enabled
+
+ if is_feature_enabled("ALLOW_ADHOC_SUBQUERY"):
+ return True
+
+ for statement in sqlparse.parse(raw_sql):
+ if has_table_query(statement):
+ raise SupersetSecurityException(
+ SupersetError(
+ error_type=SupersetErrorType.ADHOC_SUBQUERY_NOT_ALLOWED_ERROR,
+ message=_("Custom SQL fields cannot contain sub-queries."),
+ level=ErrorLevel.ERROR,
+ )
+ )
+ return True
Review comment:
My suggestion here would be:
```suggestion
def validate_adhoc_subquery(raw_sql: str) -> None:
"""
Check if adhoc SQL contains sub-queries or nested sub-queries with table
:param raw_sql: adhoc sql expression
:raise SupersetSecurityException if sql contains sub-queries or
nested sub-queries with table
"""
# pylint: disable=import-outside-toplevel
from superset import is_feature_enabled
if is_feature_enabled("ALLOW_ADHOC_SUBQUERY"):
return
for statement in sqlparse.parse(raw_sql):
if has_table_query(statement):
raise SupersetSecurityException(
SupersetError(
error_type=SupersetErrorType.ADHOC_SUBQUERY_NOT_ALLOWED_ERROR,
message=_("Custom SQL fields cannot contain sub-queries."),
level=ErrorLevel.ERROR,
)
)
return
```
##########
File path: superset/connectors/sqla/models.py
##########
@@ -1180,7 +1184,7 @@ def get_sqla_query( # pylint: disable=too-many-arguments,too-many-locals,too-ma
for selected in columns:
select_exprs.append(
columns_by_name[selected].get_sqla_col()
- if selected in columns_by_name
+ if selected in columns_by_name and validate_adhoc_subquery(selected)
Review comment:
This and line 1395 would also require some modification. Here something like:
```python
for selected in columns:
validate_adhoc_subquery(selected)
selec_exprs.append(...)
```
##########
File path: superset/connectors/sqla/models.py
##########
@@ -906,9 +908,11 @@ def adhoc_column_to_sqla(
"""
label = utils.get_column_name(col)
expression = col["sqlExpression"]
+ sqla_metric = None
if template_processor and expression:
expression = template_processor.process_template(expression)
- sqla_metric = literal_column(expression)
+ if expression and validate_adhoc_subquery(expression):
+ sqla_metric = literal_column(expression)
Review comment:
Not sure if my explanation made sense, but my suggestion was to change this to:
```suggestion
validate_adhoc_subquery(expression)
sqla_metric = literal_column(expression)
```
Because when I read the code `if expression and validate_adhoc_subquery(expression):` I wonder "what happens when `validate_adhoc_subquery(expression)` is false?", but that's a situation that can never happen, because the function currently can only return `True` (or raise an exception).
Having the function return `None` instead makes it easier to understand what's going on where it's being used.
(Alternatively, you could modify the function to return `True` or `False`, and raise the exception at the call site based on its return value. But because you're calling it from multiple places I think it's not worth it.)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] sadpandajoe commented on pull request #19242: fix: allow subquery in ad-hoc SQL
Posted by GitBox <gi...@apache.org>.
sadpandajoe commented on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1072868687
🏷️ preset:2022.11
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] lilykuang merged pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
lilykuang merged pull request #19242:
URL: https://github.com/apache/superset/pull/19242
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (c36a206) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **increase** coverage by `0.00%`.
> The diff coverage is `76.47%`.
> :exclamation: Current head c36a206 differs from pull request most recent head 0a0e343. Consider uploading reports for the commit 0a0e343 to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
=======================================
Coverage 66.76% 66.76%
=======================================
Files 1670 1670
Lines 64392 64406 +14
Branches 6499 6499
=======================================
+ Hits 42991 43001 +10
- Misses 19718 19722 +4
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.53% <70.58%> (+<0.01%)` | :arrow_up: |
| mysql | `81.96% <76.47%> (-0.01%)` | :arrow_down: |
| postgres | `82.01% <76.47%> (-0.01%)` | :arrow_down: |
| presto | `52.38% <70.58%> (+<0.01%)` | :arrow_up: |
| python | `82.43% <76.47%> (-0.01%)` | :arrow_down: |
| sqlite | `81.76% <76.47%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `86.66% <60.00%> (-5.50%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `90.15% <100.00%> (+0.03%)` | :arrow_up: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...0a0e343](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] betodealmeida commented on a change in pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
betodealmeida commented on a change in pull request #19242:
URL: https://github.com/apache/superset/pull/19242#discussion_r829461122
##########
File path: superset/config.py
##########
@@ -443,6 +443,7 @@ def _try_json_readsha(filepath: str, length: int) -> Optional[str]:
"ALLOW_FULL_CSV_EXPORT": False,
"UX_BETA": False,
"GENERIC_CHART_AXES": False,
+ "ALLOW_ADHOC_SUBQUERY": True,
Review comment:
I agree, even though this is technically a breaking change it prevents people from bypassing security rules.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] suddjian commented on a change in pull request #19242: fix: allow subquery in ad-hoc SQL
Posted by GitBox <gi...@apache.org>.
suddjian commented on a change in pull request #19242:
URL: https://github.com/apache/superset/pull/19242#discussion_r829390025
##########
File path: superset/config.py
##########
@@ -443,6 +443,7 @@ def _try_json_readsha(filepath: str, length: int) -> Optional[str]:
"ALLOW_FULL_CSV_EXPORT": False,
"UX_BETA": False,
"GENERIC_CHART_AXES": False,
+ "ALLOW_ADHOC_SUBQUERY": True,
Review comment:
This should probably default to False since subqueries currently can violate access rules. We can change the default to True once we have more protections in place.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (8163c42) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **decrease** coverage by `0.16%`.
> The diff coverage is `78.26%`.
> :exclamation: Current head 8163c42 differs from pull request most recent head 16f5f3d. Consider uploading reports for the commit 16f5f3d to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.59% -0.17%
==========================================
Files 1670 1670
Lines 64392 64413 +21
Branches 6499 6499
==========================================
- Hits 42991 42899 -92
- Misses 19718 19831 +113
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `?` | |
| mysql | `81.96% <78.26%> (-0.01%)` | :arrow_down: |
| postgres | `82.01% <78.26%> (-0.01%)` | :arrow_down: |
| presto | `?` | |
| python | `82.10% <78.26%> (-0.35%)` | :arrow_down: |
| sqlite | `81.76% <78.26%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/views/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3Mvc3FsX2xhYi5weQ==) | `59.33% <20.00%> (-1.36%)` | :arrow_down: |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `91.66% <90.00%> (-0.50%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `88.94% <100.00%> (-1.18%)` | :arrow_down: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/models/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvbW9kZWxzL3NxbF9sYWIucHk=) | `91.55% <100.00%> (ø)` | |
| [superset/db\_engines/hive.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lcy9oaXZlLnB5) | `0.00% <0.00%> (-85.19%)` | :arrow_down: |
| [superset/db\_engine\_specs/hive.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lX3NwZWNzL2hpdmUucHk=) | `70.00% <0.00%> (-15.77%)` | :arrow_down: |
| [superset/db\_engine\_specs/presto.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lX3NwZWNzL3ByZXN0by5weQ==) | `83.47% <0.00%> (-5.65%)` | :arrow_down: |
| ... and [3 more](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...16f5f3d](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] betodealmeida commented on a change in pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
betodealmeida commented on a change in pull request #19242:
URL: https://github.com/apache/superset/pull/19242#discussion_r829472474
##########
File path: superset/connectors/sqla/utils.py
##########
@@ -119,3 +120,22 @@ def get_virtual_table_metadata(dataset: "SqlaTable") -> List[Dict[str, str]]:
except Exception as ex:
raise SupersetGenericDBErrorException(message=str(ex)) from ex
return cols
+
+
+def allow_adhoc_subquery(raw_sql: str) -> bool:
Review comment:
Ah, I was confused when I saw the use of this function on the file above (`superset/connectors/sqla/models.py`), I expected this to return `True` or `False`, but it never returns `False`.
I think it might be clearer to rename this function and change its signature to something like:
```python
def validate_adhoc_subquery(raw_sql: str) -> None
```
Then in the file above it will be easier to understand what's going on.
Also, can you add a docstring to this function?
##########
File path: superset/connectors/sqla/utils.py
##########
@@ -119,3 +120,22 @@ def get_virtual_table_metadata(dataset: "SqlaTable") -> List[Dict[str, str]]:
except Exception as ex:
raise SupersetGenericDBErrorException(message=str(ex)) from ex
return cols
+
+
+def allow_adhoc_subquery(raw_sql: str) -> bool:
+ # pylint: disable=import-outside-toplevel
+ from superset import is_feature_enabled
+
+ if is_feature_enabled("ALLOW_ADHOC_SUBQUERY"):
+ return True
+
+ statement = sqlparse.parse(raw_sql)[0]
+ if has_table_query(statement):
Review comment:
I think it's safe to assume the ad-hoc expression will have a single statement, but we might want to err on the side of caution just in case and do:
```python
for statement in sqlparse.parse(raw_sql):
if has_table_query(statement):
raise ...
```
##########
File path: superset/connectors/sqla/models.py
##########
@@ -885,7 +886,8 @@ def adhoc_metric_to_sqla(
elif expression_type == utils.AdhocMetricExpressionType.SQL:
tp = self.get_template_processor()
expression = tp.process_template(cast(str, metric["sqlExpression"]))
- sqla_metric = literal_column(expression)
+ if allow_adhoc_subquery(expression):
Review comment:
If this condition is not true then `sqla_metric` will be undefined in line 894.
##########
File path: superset/connectors/sqla/models.py
##########
@@ -1165,7 +1169,7 @@ def get_sqla_query( # pylint: disable=too-many-arguments,too-many-locals,too-ma
# if groupby field equals a selected column
elif selected in columns_by_name:
outer = columns_by_name[selected].get_sqla_col()
- else:
+ elif allow_adhoc_subquery(selected):
Review comment:
Same here, we need a fallback value for `outer` when `allow_adhoc_subquery(selected)` is false.
##########
File path: superset/errors.py
##########
@@ -138,10 +139,12 @@ class SupersetErrorType(str, Enum):
1034: _("The port number is invalid."),
1035: _("Failed to start remote query on a worker."),
1036: _("The database was deleted."),
+ 1037: _("Custom SQL does not allow subquery."),
Review comment:
```suggestion
1037: _("Custom SQL fields cannot contain subqueries."),
```
(keeping it consistent with Aaron's suggestion)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (c36a206) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **decrease** coverage by `0.01%`.
> The diff coverage is `76.47%`.
> :exclamation: Current head c36a206 differs from pull request most recent head 6633f7f. Consider uploading reports for the commit 6633f7f to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.74% -0.02%
==========================================
Files 1670 1670
Lines 64392 64406 +14
Branches 6499 6499
==========================================
- Hits 42991 42988 -3
- Misses 19718 19735 +17
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.53% <70.58%> (+<0.01%)` | :arrow_up: |
| mysql | `?` | |
| postgres | `82.01% <76.47%> (-0.01%)` | :arrow_down: |
| presto | `52.38% <70.58%> (+<0.01%)` | :arrow_up: |
| python | `82.39% <76.47%> (-0.05%)` | :arrow_down: |
| sqlite | `81.76% <76.47%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `86.66% <60.00%> (-5.50%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `90.15% <100.00%> (+0.03%)` | :arrow_up: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/common/utils/dataframe\_utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29tbW9uL3V0aWxzL2RhdGFmcmFtZV91dGlscy5weQ==) | `85.71% <0.00%> (-7.15%)` | :arrow_down: |
| [superset/db\_engine\_specs/mysql.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lX3NwZWNzL215c3FsLnB5) | `93.97% <0.00%> (-3.62%)` | :arrow_down: |
| [superset/models/core.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvbW9kZWxzL2NvcmUucHk=) | `88.33% <0.00%> (-0.72%)` | :arrow_down: |
| [superset/views/core.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3MvY29yZS5weQ==) | `75.34% <0.00%> (-0.44%)` | :arrow_down: |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...6633f7f](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] lilykuang commented on a change in pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
lilykuang commented on a change in pull request #19242:
URL: https://github.com/apache/superset/pull/19242#discussion_r829624321
##########
File path: superset/connectors/sqla/models.py
##########
@@ -1180,7 +1184,7 @@ def get_sqla_query( # pylint: disable=too-many-arguments,too-many-locals,too-ma
for selected in columns:
select_exprs.append(
columns_by_name[selected].get_sqla_col()
- if selected in columns_by_name
+ if selected in columns_by_name and validate_adhoc_subquery(selected)
Review comment:
that makes sense. thank you for clarifying your comments. I will update the method accordingly 😄.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] suddjian commented on a change in pull request #19242: fix: allow subquery in ad-hoc SQL
Posted by GitBox <gi...@apache.org>.
suddjian commented on a change in pull request #19242:
URL: https://github.com/apache/superset/pull/19242#discussion_r829390025
##########
File path: superset/config.py
##########
@@ -443,6 +443,7 @@ def _try_json_readsha(filepath: str, length: int) -> Optional[str]:
"ALLOW_FULL_CSV_EXPORT": False,
"UX_BETA": False,
"GENERIC_CHART_AXES": False,
+ "ALLOW_ADHOC_SUBQUERY": True,
Review comment:
This should probably default to False since subqueries currently can violate access rules. We can change the default to True once we have more protections in place.
##########
File path: superset/connectors/sqla/utils.py
##########
@@ -119,3 +120,22 @@ def get_virtual_table_metadata(dataset: "SqlaTable") -> List[Dict[str, str]]:
except Exception as ex:
raise SupersetGenericDBErrorException(message=str(ex)) from ex
return cols
+
+
+def allow_adhoc_subquery(raw_sql: str) -> bool:
+ # pylint: disable=import-outside-toplevel
+ from superset import is_feature_enabled
+
+ if is_feature_enabled("ALLOW_ADHOC_SUBQUERY"):
+ return True
+
+ statement = sqlparse.parse(raw_sql)[0]
+ if has_table_query(statement):
+ raise SupersetSecurityException(
+ SupersetError(
+ error_type=SupersetErrorType.ADHOC_SUBQUERY_NOT_ALLOWED_ERROR,
+ message=_("Custom SQL does not allow subquery."),
Review comment:
```suggestion
message=_("Custom SQL fields cannot contain subqueries."),
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (42f08a8) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **decrease** coverage by `0.00%`.
> The diff coverage is `88.23%`.
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.75% -0.01%
==========================================
Files 1670 1670
Lines 64392 64411 +19
Branches 6499 6499
==========================================
+ Hits 42991 43000 +9
- Misses 19718 19728 +10
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.55% <82.35%> (+0.02%)` | :arrow_up: |
| mysql | `81.96% <88.23%> (-0.01%)` | :arrow_down: |
| postgres | `82.00% <88.23%> (-0.03%)` | :arrow_down: |
| presto | `52.40% <82.35%> (+0.02%)` | :arrow_up: |
| python | `82.42% <88.23%> (-0.03%)` | :arrow_down: |
| sqlite | `81.76% <88.23%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `90.00% <80.00%> (-2.16%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `90.15% <100.00%> (+0.03%)` | :arrow_up: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/reports/commands/log\_prune.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvcmVwb3J0cy9jb21tYW5kcy9sb2dfcHJ1bmUucHk=) | `85.71% <0.00%> (-3.58%)` | :arrow_down: |
| [superset/views/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3Mvc3FsX2xhYi5weQ==) | `59.33% <0.00%> (-1.36%)` | :arrow_down: |
| [superset/commands/importers/v1/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29tbWFuZHMvaW1wb3J0ZXJzL3YxL3V0aWxzLnB5) | `92.20% <0.00%> (-1.30%)` | :arrow_down: |
| [superset/common/query\_object.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29tbW9uL3F1ZXJ5X29iamVjdC5weQ==) | `95.13% <0.00%> (-0.55%)` | :arrow_down: |
| [superset/reports/commands/execute.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvcmVwb3J0cy9jb21tYW5kcy9leGVjdXRlLnB5) | `91.14% <0.00%> (-0.37%)` | :arrow_down: |
| [superset/models/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvbW9kZWxzL3NxbF9sYWIucHk=) | `91.55% <0.00%> (ø)` | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...42f08a8](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] betodealmeida commented on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
betodealmeida commented on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071385517
This looks great! I was confused by the behavior of `allow_adhoc_subquery`, so I left a suggestion on how to make it easier to understand.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (42f08a8) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **increase** coverage by `0.00%`.
> The diff coverage is `88.23%`.
> :exclamation: Current head 42f08a8 differs from pull request most recent head 3e4e4c0. Consider uploading reports for the commit 3e4e4c0 to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
=======================================
Coverage 66.76% 66.76%
=======================================
Files 1670 1670
Lines 64392 64411 +19
Branches 6499 6499
=======================================
+ Hits 42991 43004 +13
- Misses 19718 19724 +6
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.55% <82.35%> (+0.02%)` | :arrow_up: |
| mysql | `81.96% <88.23%> (-0.01%)` | :arrow_down: |
| postgres | `82.01% <88.23%> (-0.01%)` | :arrow_down: |
| presto | `52.40% <82.35%> (+0.02%)` | :arrow_up: |
| python | `82.43% <88.23%> (-0.01%)` | :arrow_down: |
| sqlite | `81.76% <88.23%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `90.00% <80.00%> (-2.16%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `90.15% <100.00%> (+0.03%)` | :arrow_up: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/views/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3Mvc3FsX2xhYi5weQ==) | `59.33% <0.00%> (-1.36%)` | :arrow_down: |
| [superset/models/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvbW9kZWxzL3NxbF9sYWIucHk=) | `91.55% <0.00%> (ø)` | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...3e4e4c0](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (42f08a8) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **decrease** coverage by `0.02%`.
> The diff coverage is `88.23%`.
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.74% -0.03%
==========================================
Files 1670 1670
Lines 64392 64411 +19
Branches 6499 6499
==========================================
- Hits 42991 42988 -3
- Misses 19718 19740 +22
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.55% <82.35%> (+0.02%)` | :arrow_up: |
| mysql | `81.96% <88.23%> (-0.01%)` | :arrow_down: |
| postgres | `?` | |
| presto | `52.40% <82.35%> (+0.02%)` | :arrow_up: |
| python | `82.38% <88.23%> (-0.06%)` | :arrow_down: |
| sqlite | `81.76% <88.23%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `90.00% <80.00%> (-2.16%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `90.15% <100.00%> (+0.03%)` | :arrow_up: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/sql\_validators/postgres.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvc3FsX3ZhbGlkYXRvcnMvcG9zdGdyZXMucHk=) | `50.00% <0.00%> (-50.00%)` | :arrow_down: |
| [superset/reports/commands/log\_prune.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvcmVwb3J0cy9jb21tYW5kcy9sb2dfcHJ1bmUucHk=) | `85.71% <0.00%> (-3.58%)` | :arrow_down: |
| [superset/db\_engine\_specs/postgres.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lX3NwZWNzL3Bvc3RncmVzLnB5) | `95.45% <0.00%> (-1.82%)` | :arrow_down: |
| [superset/views/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3Mvc3FsX2xhYi5weQ==) | `59.33% <0.00%> (-1.36%)` | :arrow_down: |
| [superset/commands/importers/v1/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29tbWFuZHMvaW1wb3J0ZXJzL3YxL3V0aWxzLnB5) | `92.20% <0.00%> (-1.30%)` | :arrow_down: |
| [superset/common/query\_object.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29tbW9uL3F1ZXJ5X29iamVjdC5weQ==) | `95.13% <0.00%> (-0.55%)` | :arrow_down: |
| ... and [3 more](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...42f08a8](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (8163c42) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **decrease** coverage by `0.18%`.
> The diff coverage is `78.26%`.
> :exclamation: Current head 8163c42 differs from pull request most recent head 16f5f3d. Consider uploading reports for the commit 16f5f3d to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.57% -0.19%
==========================================
Files 1670 1670
Lines 64392 64413 +21
Branches 6499 6499
==========================================
- Hits 42991 42886 -105
- Misses 19718 19844 +126
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `?` | |
| mysql | `?` | |
| postgres | `82.01% <78.26%> (-0.01%)` | :arrow_down: |
| presto | `?` | |
| python | `82.06% <78.26%> (-0.39%)` | :arrow_down: |
| sqlite | `81.76% <78.26%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/views/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3Mvc3FsX2xhYi5weQ==) | `59.33% <20.00%> (-1.36%)` | :arrow_down: |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `91.66% <90.00%> (-0.50%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `88.94% <100.00%> (-1.18%)` | :arrow_down: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/models/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvbW9kZWxzL3NxbF9sYWIucHk=) | `91.55% <100.00%> (ø)` | |
| [superset/db\_engines/hive.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lcy9oaXZlLnB5) | `0.00% <0.00%> (-85.19%)` | :arrow_down: |
| [superset/db\_engine\_specs/hive.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lX3NwZWNzL2hpdmUucHk=) | `70.00% <0.00%> (-15.77%)` | :arrow_down: |
| [superset/common/utils/dataframe\_utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29tbW9uL3V0aWxzL2RhdGFmcmFtZV91dGlscy5weQ==) | `85.71% <0.00%> (-7.15%)` | :arrow_down: |
| [superset/db\_engine\_specs/presto.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lX3NwZWNzL3ByZXN0by5weQ==) | `83.47% <0.00%> (-5.65%)` | :arrow_down: |
| ... and [6 more](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...16f5f3d](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] commented on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] commented on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (c36a206) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **decrease** coverage by `0.15%`.
> The diff coverage is `76.47%`.
> :exclamation: Current head c36a206 differs from pull request most recent head 6633f7f. Consider uploading reports for the commit 6633f7f to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.60% -0.16%
==========================================
Files 1670 1670
Lines 64392 64406 +14
Branches 6499 6499
==========================================
- Hits 42991 42900 -91
- Misses 19718 19823 +105
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.53% <70.58%> (+<0.01%)` | :arrow_up: |
| mysql | `?` | |
| postgres | `?` | |
| presto | `52.38% <70.58%> (+<0.01%)` | :arrow_up: |
| python | `82.12% <76.47%> (-0.33%)` | :arrow_down: |
| sqlite | `81.76% <76.47%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `86.66% <60.00%> (-5.50%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `89.67% <100.00%> (-0.44%)` | :arrow_down: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/sql\_validators/postgres.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvc3FsX3ZhbGlkYXRvcnMvcG9zdGdyZXMucHk=) | `50.00% <0.00%> (-50.00%)` | :arrow_down: |
| [superset/databases/commands/create.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGF0YWJhc2VzL2NvbW1hbmRzL2NyZWF0ZS5weQ==) | `64.70% <0.00%> (-27.46%)` | :arrow_down: |
| [superset/views/database/mixins.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3MvZGF0YWJhc2UvbWl4aW5zLnB5) | `60.34% <0.00%> (-20.69%)` | :arrow_down: |
| [superset/databases/commands/update.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGF0YWJhc2VzL2NvbW1hbmRzL3VwZGF0ZS5weQ==) | `85.71% <0.00%> (-8.17%)` | :arrow_down: |
| [superset/common/utils/dataframe\_utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29tbW9uL3V0aWxzL2RhdGFmcmFtZV91dGlscy5weQ==) | `85.71% <0.00%> (-7.15%)` | :arrow_down: |
| [superset/databases/api.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGF0YWJhc2VzL2FwaS5weQ==) | `87.98% <0.00%> (-6.01%)` | :arrow_down: |
| ... and [14 more](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...6633f7f](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] suddjian commented on a change in pull request #19242: fix: allow subquery in ad-hoc SQL
Posted by GitBox <gi...@apache.org>.
suddjian commented on a change in pull request #19242:
URL: https://github.com/apache/superset/pull/19242#discussion_r829397162
##########
File path: superset/connectors/sqla/utils.py
##########
@@ -119,3 +120,22 @@ def get_virtual_table_metadata(dataset: "SqlaTable") -> List[Dict[str, str]]:
except Exception as ex:
raise SupersetGenericDBErrorException(message=str(ex)) from ex
return cols
+
+
+def allow_adhoc_subquery(raw_sql: str) -> bool:
+ # pylint: disable=import-outside-toplevel
+ from superset import is_feature_enabled
+
+ if is_feature_enabled("ALLOW_ADHOC_SUBQUERY"):
+ return True
+
+ statement = sqlparse.parse(raw_sql)[0]
+ if has_table_query(statement):
+ raise SupersetSecurityException(
+ SupersetError(
+ error_type=SupersetErrorType.ADHOC_SUBQUERY_NOT_ALLOWED_ERROR,
+ message=_("Custom SQL does not allow subquery."),
Review comment:
```suggestion
message=_("Custom SQL fields cannot contain subqueries."),
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (f674e77) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **decrease** coverage by `0.17%`.
> The diff coverage is `65.21%`.
> :exclamation: Current head f674e77 differs from pull request most recent head 52ac357. Consider uploading reports for the commit 52ac357 to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.59% -0.18%
==========================================
Files 1670 1670
Lines 64392 64411 +19
Branches 6499 6499
==========================================
- Hits 42991 42894 -97
- Misses 19718 19834 +116
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `?` | |
| mysql | `81.95% <65.21%> (-0.02%)` | :arrow_down: |
| postgres | `82.00% <65.21%> (-0.02%)` | :arrow_down: |
| presto | `?` | |
| python | `82.09% <65.21%> (-0.36%)` | :arrow_down: |
| sqlite | `81.75% <65.21%> (-0.02%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/views/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3Mvc3FsX2xhYi5weQ==) | `59.33% <20.00%> (-1.36%)` | :arrow_down: |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `86.66% <60.00%> (-5.50%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `88.92% <100.00%> (-1.20%)` | :arrow_down: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/models/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvbW9kZWxzL3NxbF9sYWIucHk=) | `91.55% <100.00%> (ø)` | |
| [superset/db\_engines/hive.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lcy9oaXZlLnB5) | `0.00% <0.00%> (-85.19%)` | :arrow_down: |
| [superset/db\_engine\_specs/hive.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lX3NwZWNzL2hpdmUucHk=) | `70.00% <0.00%> (-15.77%)` | :arrow_down: |
| [superset/db\_engine\_specs/presto.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lX3NwZWNzL3ByZXN0by5weQ==) | `83.47% <0.00%> (-5.65%)` | :arrow_down: |
| ... and [3 more](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...52ac357](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] betodealmeida commented on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
betodealmeida commented on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071385517
This looks great! I was confused by the behavior of `allow_adhoc_subquery`, so I left a suggestion on how to make it easier to understand.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (42f08a8) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **increase** coverage by `0.00%`.
> The diff coverage is `88.23%`.
> :exclamation: Current head 42f08a8 differs from pull request most recent head 16f5f3d. Consider uploading reports for the commit 16f5f3d to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
=======================================
Coverage 66.76% 66.76%
=======================================
Files 1670 1670
Lines 64392 64411 +19
Branches 6499 6499
=======================================
+ Hits 42991 43004 +13
- Misses 19718 19724 +6
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.55% <82.35%> (+0.02%)` | :arrow_up: |
| mysql | `81.96% <88.23%> (-0.01%)` | :arrow_down: |
| postgres | `82.01% <88.23%> (-0.01%)` | :arrow_down: |
| presto | `52.40% <82.35%> (+0.02%)` | :arrow_up: |
| python | `82.43% <88.23%> (-0.01%)` | :arrow_down: |
| sqlite | `81.76% <88.23%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `90.00% <80.00%> (-2.16%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `90.15% <100.00%> (+0.03%)` | :arrow_up: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/views/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3Mvc3FsX2xhYi5weQ==) | `59.33% <0.00%> (-1.36%)` | :arrow_down: |
| [superset/models/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvbW9kZWxzL3NxbF9sYWIucHk=) | `91.55% <0.00%> (ø)` | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...16f5f3d](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (f674e77) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **decrease** coverage by `0.17%`.
> The diff coverage is `65.21%`.
> :exclamation: Current head f674e77 differs from pull request most recent head 0a0e343. Consider uploading reports for the commit 0a0e343 to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.59% -0.18%
==========================================
Files 1670 1670
Lines 64392 64411 +19
Branches 6499 6499
==========================================
- Hits 42991 42894 -97
- Misses 19718 19834 +116
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `?` | |
| mysql | `81.95% <65.21%> (-0.02%)` | :arrow_down: |
| postgres | `82.00% <65.21%> (-0.02%)` | :arrow_down: |
| presto | `?` | |
| python | `82.09% <65.21%> (-0.36%)` | :arrow_down: |
| sqlite | `81.75% <65.21%> (-0.02%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/views/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3Mvc3FsX2xhYi5weQ==) | `59.33% <20.00%> (-1.36%)` | :arrow_down: |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `86.66% <60.00%> (-5.50%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `88.92% <100.00%> (-1.20%)` | :arrow_down: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/models/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvbW9kZWxzL3NxbF9sYWIucHk=) | `91.55% <100.00%> (ø)` | |
| [superset/db\_engines/hive.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lcy9oaXZlLnB5) | `0.00% <0.00%> (-85.19%)` | :arrow_down: |
| [superset/db\_engine\_specs/hive.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lX3NwZWNzL2hpdmUucHk=) | `70.00% <0.00%> (-15.77%)` | :arrow_down: |
| [superset/db\_engine\_specs/presto.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGJfZW5naW5lX3NwZWNzL3ByZXN0by5weQ==) | `83.47% <0.00%> (-5.65%)` | :arrow_down: |
| ... and [3 more](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...0a0e343](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (42f08a8) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **decrease** coverage by `0.15%`.
> The diff coverage is `88.23%`.
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.60% -0.16%
==========================================
Files 1670 1670
Lines 64392 64411 +19
Branches 6499 6499
==========================================
- Hits 42991 42903 -88
- Misses 19718 19825 +107
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.55% <82.35%> (+0.02%)` | :arrow_up: |
| mysql | `?` | |
| postgres | `?` | |
| presto | `52.40% <82.35%> (+0.02%)` | :arrow_up: |
| python | `82.11% <88.23%> (-0.33%)` | :arrow_down: |
| sqlite | `81.76% <88.23%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `90.00% <80.00%> (-2.16%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `89.67% <100.00%> (-0.44%)` | :arrow_down: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/sql\_validators/postgres.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvc3FsX3ZhbGlkYXRvcnMvcG9zdGdyZXMucHk=) | `50.00% <0.00%> (-50.00%)` | :arrow_down: |
| [superset/databases/commands/create.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGF0YWJhc2VzL2NvbW1hbmRzL2NyZWF0ZS5weQ==) | `64.70% <0.00%> (-27.46%)` | :arrow_down: |
| [superset/views/database/mixins.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3MvZGF0YWJhc2UvbWl4aW5zLnB5) | `60.34% <0.00%> (-20.69%)` | :arrow_down: |
| [superset/databases/commands/update.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGF0YWJhc2VzL2NvbW1hbmRzL3VwZGF0ZS5weQ==) | `85.71% <0.00%> (-8.17%)` | :arrow_down: |
| [superset/common/utils/dataframe\_utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29tbW9uL3V0aWxzL2RhdGFmcmFtZV91dGlscy5weQ==) | `85.71% <0.00%> (-7.15%)` | :arrow_down: |
| [superset/databases/api.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGF0YWJhc2VzL2FwaS5weQ==) | `87.98% <0.00%> (-6.01%)` | :arrow_down: |
| ... and [16 more](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...42f08a8](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] edited a comment on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] edited a comment on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (42f08a8) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **increase** coverage by `0.00%`.
> The diff coverage is `88.23%`.
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
=======================================
Coverage 66.76% 66.76%
=======================================
Files 1670 1670
Lines 64392 64411 +19
Branches 6499 6499
=======================================
+ Hits 42991 43004 +13
- Misses 19718 19724 +6
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.55% <82.35%> (+0.02%)` | :arrow_up: |
| mysql | `81.96% <88.23%> (-0.01%)` | :arrow_down: |
| postgres | `82.01% <88.23%> (-0.01%)` | :arrow_down: |
| presto | `52.40% <82.35%> (+0.02%)` | :arrow_up: |
| python | `82.43% <88.23%> (-0.01%)` | :arrow_down: |
| sqlite | `81.76% <88.23%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `90.00% <80.00%> (-2.16%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `90.15% <100.00%> (+0.03%)` | :arrow_up: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/views/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3Mvc3FsX2xhYi5weQ==) | `59.33% <0.00%> (-1.36%)` | :arrow_down: |
| [superset/models/sql\_lab.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvbW9kZWxzL3NxbF9sYWIucHk=) | `91.55% <0.00%> (ø)` | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...42f08a8](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] lilykuang commented on a change in pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
lilykuang commented on a change in pull request #19242:
URL: https://github.com/apache/superset/pull/19242#discussion_r829624321
##########
File path: superset/connectors/sqla/models.py
##########
@@ -1180,7 +1184,7 @@ def get_sqla_query( # pylint: disable=too-many-arguments,too-many-locals,too-ma
for selected in columns:
select_exprs.append(
columns_by_name[selected].get_sqla_col()
- if selected in columns_by_name
+ if selected in columns_by_name and validate_adhoc_subquery(selected)
Review comment:
that makes sense. thank you for clarifying your comments. I will update the method accordingly 😄.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] codecov[bot] commented on pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
codecov[bot] commented on pull request #19242:
URL: https://github.com/apache/superset/pull/19242#issuecomment-1071280201
# [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#19242](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (c36a206) into [master](https://codecov.io/gh/apache/superset/commit/51061f0d672abca29f84943acb16a37403f25c2e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (51061f0) will **decrease** coverage by `0.15%`.
> The diff coverage is `76.47%`.
> :exclamation: Current head c36a206 differs from pull request most recent head 6633f7f. Consider uploading reports for the commit 6633f7f to get more accurate results
```diff
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.60% -0.16%
==========================================
Files 1670 1670
Lines 64392 64406 +14
Branches 6499 6499
==========================================
- Hits 42991 42900 -91
- Misses 19718 19823 +105
Partials 1683 1683
```
| Flag | Coverage Δ | |
|---|---|---|
| hive | `52.53% <70.58%> (+<0.01%)` | :arrow_up: |
| mysql | `?` | |
| postgres | `?` | |
| presto | `52.38% <70.58%> (+<0.01%)` | :arrow_up: |
| python | `82.12% <76.47%> (-0.33%)` | :arrow_down: |
| sqlite | `81.76% <76.47%> (-0.01%)` | :arrow_down: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [superset/config.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29uZmlnLnB5) | `91.82% <ø> (ø)` | |
| [superset/connectors/sqla/utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL3V0aWxzLnB5) | `86.66% <60.00%> (-5.50%)` | :arrow_down: |
| [superset/connectors/sqla/models.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29ubmVjdG9ycy9zcWxhL21vZGVscy5weQ==) | `89.67% <100.00%> (-0.44%)` | :arrow_down: |
| [superset/errors.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZXJyb3JzLnB5) | `94.44% <100.00%> (+0.07%)` | :arrow_up: |
| [superset/sql\_validators/postgres.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvc3FsX3ZhbGlkYXRvcnMvcG9zdGdyZXMucHk=) | `50.00% <0.00%> (-50.00%)` | :arrow_down: |
| [superset/databases/commands/create.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGF0YWJhc2VzL2NvbW1hbmRzL2NyZWF0ZS5weQ==) | `64.70% <0.00%> (-27.46%)` | :arrow_down: |
| [superset/views/database/mixins.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvdmlld3MvZGF0YWJhc2UvbWl4aW5zLnB5) | `60.34% <0.00%> (-20.69%)` | :arrow_down: |
| [superset/databases/commands/update.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGF0YWJhc2VzL2NvbW1hbmRzL3VwZGF0ZS5weQ==) | `85.71% <0.00%> (-8.17%)` | :arrow_down: |
| [superset/common/utils/dataframe\_utils.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvY29tbW9uL3V0aWxzL2RhdGFmcmFtZV91dGlscy5weQ==) | `85.71% <0.00%> (-7.15%)` | :arrow_down: |
| [superset/databases/api.py](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3VwZXJzZXQvZGF0YWJhc2VzL2FwaS5weQ==) | `87.98% <0.00%> (-6.01%)` | :arrow_down: |
| ... and [14 more](https://codecov.io/gh/apache/superset/pull/19242/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [51061f0...6633f7f](https://codecov.io/gh/apache/superset/pull/19242?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] betodealmeida commented on a change in pull request #19242: fix: allow subquery in ad-hoc SQL (WIP)
Posted by GitBox <gi...@apache.org>.
betodealmeida commented on a change in pull request #19242:
URL: https://github.com/apache/superset/pull/19242#discussion_r829461122
##########
File path: superset/config.py
##########
@@ -443,6 +443,7 @@ def _try_json_readsha(filepath: str, length: int) -> Optional[str]:
"ALLOW_FULL_CSV_EXPORT": False,
"UX_BETA": False,
"GENERIC_CHART_AXES": False,
+ "ALLOW_ADHOC_SUBQUERY": True,
Review comment:
I agree, even though this is technically a breaking change it prevents people from bypassing security rules.
##########
File path: superset/connectors/sqla/utils.py
##########
@@ -119,3 +120,22 @@ def get_virtual_table_metadata(dataset: "SqlaTable") -> List[Dict[str, str]]:
except Exception as ex:
raise SupersetGenericDBErrorException(message=str(ex)) from ex
return cols
+
+
+def allow_adhoc_subquery(raw_sql: str) -> bool:
Review comment:
Ah, I was confused when I saw the use of this function on the file above (`superset/connectors/sqla/models.py`), I expected this to return `True` or `False`, but it never returns `False`.
I think it might be clearer to rename this function and change its signature to something like:
```python
def validate_adhoc_subquery(raw_sql: str) -> None
```
Then in the file above it will be easier to understand what's going on.
Also, can you add a docstring to this function?
##########
File path: superset/connectors/sqla/utils.py
##########
@@ -119,3 +120,22 @@ def get_virtual_table_metadata(dataset: "SqlaTable") -> List[Dict[str, str]]:
except Exception as ex:
raise SupersetGenericDBErrorException(message=str(ex)) from ex
return cols
+
+
+def allow_adhoc_subquery(raw_sql: str) -> bool:
+ # pylint: disable=import-outside-toplevel
+ from superset import is_feature_enabled
+
+ if is_feature_enabled("ALLOW_ADHOC_SUBQUERY"):
+ return True
+
+ statement = sqlparse.parse(raw_sql)[0]
+ if has_table_query(statement):
Review comment:
I think it's safe to assume the ad-hoc expression will have a single statement, but we might want to err on the side of caution just in case and do:
```python
for statement in sqlparse.parse(raw_sql):
if has_table_query(statement):
raise ...
```
##########
File path: superset/connectors/sqla/models.py
##########
@@ -885,7 +886,8 @@ def adhoc_metric_to_sqla(
elif expression_type == utils.AdhocMetricExpressionType.SQL:
tp = self.get_template_processor()
expression = tp.process_template(cast(str, metric["sqlExpression"]))
- sqla_metric = literal_column(expression)
+ if allow_adhoc_subquery(expression):
Review comment:
If this condition is not true then `sqla_metric` will be undefined in line 894.
##########
File path: superset/connectors/sqla/models.py
##########
@@ -1165,7 +1169,7 @@ def get_sqla_query( # pylint: disable=too-many-arguments,too-many-locals,too-ma
# if groupby field equals a selected column
elif selected in columns_by_name:
outer = columns_by_name[selected].get_sqla_col()
- else:
+ elif allow_adhoc_subquery(selected):
Review comment:
Same here, we need a fallback value for `outer` when `allow_adhoc_subquery(selected)` is false.
##########
File path: superset/errors.py
##########
@@ -138,10 +139,12 @@ class SupersetErrorType(str, Enum):
1034: _("The port number is invalid."),
1035: _("Failed to start remote query on a worker."),
1036: _("The database was deleted."),
+ 1037: _("Custom SQL does not allow subquery."),
Review comment:
```suggestion
1037: _("Custom SQL fields cannot contain subqueries."),
```
(keeping it consistent with Aaron's suggestion)
##########
File path: superset/connectors/sqla/models.py
##########
@@ -1165,7 +1169,7 @@ def get_sqla_query( # pylint: disable=too-many-arguments,too-many-locals,too-ma
# if groupby field equals a selected column
elif selected in columns_by_name:
outer = columns_by_name[selected].get_sqla_col()
- else:
+ elif validate_adhoc_subquery(selected):
Review comment:
Same here:
```suggestion
else:
validate_adhoc_subquery(selected)
```
##########
File path: superset/connectors/sqla/utils.py
##########
@@ -119,3 +120,29 @@ def get_virtual_table_metadata(dataset: "SqlaTable") -> List[Dict[str, str]]:
except Exception as ex:
raise SupersetGenericDBErrorException(message=str(ex)) from ex
return cols
+
+
+def validate_adhoc_subquery(raw_sql: str) -> bool:
+ """
+ check adhoc SQL contains sub-queries or nested sub-queries with table
+ :param raw_sql: adhoc sql expression
+ :return True if sql contains no sub-queries or nested sub-queries with table
+ :raise SupersetSecurityException if sql contains sub-queries or
+ nested sub-queries with table
+ """
+ # pylint: disable=import-outside-toplevel
+ from superset import is_feature_enabled
+
+ if is_feature_enabled("ALLOW_ADHOC_SUBQUERY"):
+ return True
+
+ for statement in sqlparse.parse(raw_sql):
+ if has_table_query(statement):
+ raise SupersetSecurityException(
+ SupersetError(
+ error_type=SupersetErrorType.ADHOC_SUBQUERY_NOT_ALLOWED_ERROR,
+ message=_("Custom SQL fields cannot contain sub-queries."),
+ level=ErrorLevel.ERROR,
+ )
+ )
+ return True
Review comment:
My suggestion here would be:
```suggestion
def validate_adhoc_subquery(raw_sql: str) -> None:
"""
Check if adhoc SQL contains sub-queries or nested sub-queries with table
:param raw_sql: adhoc sql expression
:raise SupersetSecurityException if sql contains sub-queries or
nested sub-queries with table
"""
# pylint: disable=import-outside-toplevel
from superset import is_feature_enabled
if is_feature_enabled("ALLOW_ADHOC_SUBQUERY"):
return
for statement in sqlparse.parse(raw_sql):
if has_table_query(statement):
raise SupersetSecurityException(
SupersetError(
error_type=SupersetErrorType.ADHOC_SUBQUERY_NOT_ALLOWED_ERROR,
message=_("Custom SQL fields cannot contain sub-queries."),
level=ErrorLevel.ERROR,
)
)
return
```
##########
File path: superset/connectors/sqla/models.py
##########
@@ -1180,7 +1184,7 @@ def get_sqla_query( # pylint: disable=too-many-arguments,too-many-locals,too-ma
for selected in columns:
select_exprs.append(
columns_by_name[selected].get_sqla_col()
- if selected in columns_by_name
+ if selected in columns_by_name and validate_adhoc_subquery(selected)
Review comment:
This and line 1395 would also require some modification. Here something like:
```python
for selected in columns:
validate_adhoc_subquery(selected)
selec_exprs.append(...)
```
##########
File path: superset/connectors/sqla/models.py
##########
@@ -906,9 +908,11 @@ def adhoc_column_to_sqla(
"""
label = utils.get_column_name(col)
expression = col["sqlExpression"]
+ sqla_metric = None
if template_processor and expression:
expression = template_processor.process_template(expression)
- sqla_metric = literal_column(expression)
+ if expression and validate_adhoc_subquery(expression):
+ sqla_metric = literal_column(expression)
Review comment:
Not sure if my explanation made sense, but my suggestion was to change this to:
```suggestion
validate_adhoc_subquery(expression)
sqla_metric = literal_column(expression)
```
Because when I read the code `if expression and validate_adhoc_subquery(expression):` I wonder "what happens when `validate_adhoc_subquery(expression)` is false?", but that's a situation that can never happen, because the function currently can only return `True` (or raise an exception).
Having the function return `None` instead makes it easier to understand what's going on where it's being used.
(Alternatively, you could modify the function to return `True` or `False`, and raise the exception at the call site based on its return value. But because you're calling it from multiple places I think it's not worth it.)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org