You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by el...@apache.org on 2023/06/13 23:39:15 UTC
[superset] 04/07: fix: load examples as anon user (#23600)
This is an automated email from the ASF dual-hosted git repository.
elizabeth pushed a commit to branch elizabeth/test-2.1.1
in repository https://gitbox.apache.org/repos/asf/superset.git
commit 0a9f47e4ace1a9ece43461973b49162fd74a535f
Author: Beto Dealmeida <ro...@dealmeida.net>
AuthorDate: Thu Apr 6 08:23:00 2023 -0700
fix: load examples as anon user (#23600)
---
superset/charts/commands/importers/v1/utils.py | 7 ++--
superset/commands/importers/v1/examples.py | 41 +++++++++++++++-------
superset/dashboards/commands/importers/v1/utils.py | 10 ++++--
superset/databases/commands/importers/v1/utils.py | 6 +++-
superset/datasets/commands/importers/v1/utils.py | 6 +++-
5 files changed, 51 insertions(+), 19 deletions(-)
diff --git a/superset/charts/commands/importers/v1/utils.py b/superset/charts/commands/importers/v1/utils.py
index cea8af7b4c..d4aeb17a1e 100644
--- a/superset/charts/commands/importers/v1/utils.py
+++ b/superset/charts/commands/importers/v1/utils.py
@@ -27,9 +27,12 @@ from superset.models.slice import Slice
def import_chart(
- session: Session, config: Dict[str, Any], overwrite: bool = False
+ session: Session,
+ config: Dict[str, Any],
+ overwrite: bool = False,
+ ignore_permissions: bool = False,
) -> Slice:
- can_write = security_manager.can_access("can_write", "Chart")
+ can_write = ignore_permissions or security_manager.can_access("can_write", "Chart")
existing = session.query(Slice).filter_by(uuid=config["uuid"]).first()
if existing:
if not overwrite or not can_write:
diff --git a/superset/commands/importers/v1/examples.py b/superset/commands/importers/v1/examples.py
index 8d14c8298a..35efdb1393 100644
--- a/superset/commands/importers/v1/examples.py
+++ b/superset/commands/importers/v1/examples.py
@@ -21,7 +21,7 @@ from sqlalchemy.orm import Session
from sqlalchemy.orm.exc import MultipleResultsFound
from sqlalchemy.sql import select
-from superset import db, security_manager
+from superset import db
from superset.charts.commands.importers.v1 import ImportChartsCommand
from superset.charts.commands.importers.v1.utils import import_chart
from superset.charts.schemas import ImportV1ChartSchema
@@ -42,7 +42,7 @@ from superset.datasets.commands.importers.v1 import ImportDatasetsCommand
from superset.datasets.commands.importers.v1.utils import import_dataset
from superset.datasets.schemas import ImportV1DatasetSchema
from superset.models.dashboard import dashboard_slices
-from superset.utils.core import get_example_default_schema, override_user
+from superset.utils.core import get_example_default_schema
from superset.utils.database import get_example_database
@@ -69,13 +69,12 @@ class ImportExamplesCommand(ImportModelsCommand):
# rollback to prevent partial imports
try:
- with override_user(security_manager.find_user(username="admin")):
- self._import(
- db.session,
- self._configs,
- self.overwrite,
- self.force_data,
- )
+ self._import(
+ db.session,
+ self._configs,
+ self.overwrite,
+ self.force_data,
+ )
db.session.commit()
except Exception as ex:
db.session.rollback()
@@ -102,7 +101,12 @@ class ImportExamplesCommand(ImportModelsCommand):
database_ids: Dict[str, int] = {}
for file_name, config in configs.items():
if file_name.startswith("databases/"):
- database = import_database(session, config, overwrite=overwrite)
+ database = import_database(
+ session,
+ config,
+ overwrite=overwrite,
+ ignore_permissions=True,
+ )
database_ids[str(database.uuid)] = database.id
# import datasets
@@ -131,9 +135,10 @@ class ImportExamplesCommand(ImportModelsCommand):
config,
overwrite=overwrite,
force_data=force_data,
+ ignore_permissions=True,
)
except MultipleResultsFound:
- # Multiple result can be found for datasets. There was a bug in
+ # Multiple results can be found for datasets. There was a bug in
# load-examples that resulted in datasets being loaded with a NULL
# schema. Users could then add a new dataset with the same name in
# the correct schema, resulting in duplicates, since the uniqueness
@@ -156,7 +161,12 @@ class ImportExamplesCommand(ImportModelsCommand):
):
# update datasource id, type, and name
config.update(dataset_info[config["dataset_uuid"]])
- chart = import_chart(session, config, overwrite=overwrite)
+ chart = import_chart(
+ session,
+ config,
+ overwrite=overwrite,
+ ignore_permissions=True,
+ )
chart_ids[str(chart.uuid)] = chart.id
# store the existing relationship between dashboards and charts
@@ -173,7 +183,12 @@ class ImportExamplesCommand(ImportModelsCommand):
except KeyError:
continue
- dashboard = import_dashboard(session, config, overwrite=overwrite)
+ dashboard = import_dashboard(
+ session,
+ config,
+ overwrite=overwrite,
+ ignore_permissions=True,
+ )
dashboard.published = True
for uuid in find_chart_uuids(config["position"]):
diff --git a/superset/dashboards/commands/importers/v1/utils.py b/superset/dashboards/commands/importers/v1/utils.py
index 30bad57cb1..4d2ff96969 100644
--- a/superset/dashboards/commands/importers/v1/utils.py
+++ b/superset/dashboards/commands/importers/v1/utils.py
@@ -146,9 +146,15 @@ def update_id_refs( # pylint: disable=too-many-locals
def import_dashboard(
- session: Session, config: Dict[str, Any], overwrite: bool = False
+ session: Session,
+ config: Dict[str, Any],
+ overwrite: bool = False,
+ ignore_permissions: bool = False,
) -> Dashboard:
- can_write = security_manager.can_access("can_write", "Dashboard")
+ can_write = ignore_permissions or security_manager.can_access(
+ "can_write",
+ "Dashboard",
+ )
existing = session.query(Dashboard).filter_by(uuid=config["uuid"]).first()
if existing:
if not overwrite or not can_write:
diff --git a/superset/databases/commands/importers/v1/utils.py b/superset/databases/commands/importers/v1/utils.py
index 673e4f86df..5f7af41e6e 100644
--- a/superset/databases/commands/importers/v1/utils.py
+++ b/superset/databases/commands/importers/v1/utils.py
@@ -29,8 +29,12 @@ def import_database(
session: Session,
config: Dict[str, Any],
overwrite: bool = False,
+ ignore_permissions: bool = False,
) -> Database:
- can_write = security_manager.can_access("can_write", "Database")
+ can_write = ignore_permissions or security_manager.can_access(
+ "can_write",
+ "Database",
+ )
existing = session.query(Database).filter_by(uuid=config["uuid"]).first()
if existing:
if not overwrite or not can_write:
diff --git a/superset/datasets/commands/importers/v1/utils.py b/superset/datasets/commands/importers/v1/utils.py
index 2363cf7497..2df85cdfa2 100644
--- a/superset/datasets/commands/importers/v1/utils.py
+++ b/superset/datasets/commands/importers/v1/utils.py
@@ -105,8 +105,12 @@ def import_dataset(
config: Dict[str, Any],
overwrite: bool = False,
force_data: bool = False,
+ ignore_permissions: bool = False,
) -> SqlaTable:
- can_write = security_manager.can_access("can_write", "Dataset")
+ can_write = ignore_permissions or security_manager.can_access(
+ "can_write",
+ "Dataset",
+ )
existing = session.query(SqlaTable).filter_by(uuid=config["uuid"]).first()
if existing:
if not overwrite or not can_write: