You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2019/12/17 23:22:48 UTC

[GitHub] [incubator-superset] prajamani opened a new issue #8858: How do we add users as owners for datasources ?

prajamani opened a new issue #8858: How do we add users as owners for datasources ?
URL: https://github.com/apache/incubator-superset/issues/8858
 
 
   What is the role that we need to add for users to be able to edit the datasources in charts ?
   
   ```def check_ownership(obj, raise_if_false=True):
       """Meant to be used in `pre_update` hooks on models to enforce ownership
   
       Admin have all access, and other users need to be referenced on either
       the created_by field that comes with the ``AuditMixin``, or in a field
       named ``owners`` which is expected to be a one-to-many with the User
       model. It is meant to be used in the ModelView's pre_update hook in
       which raising will abort the update.
       """
       if not obj:
           return False
   
       security_exception = SupersetSecurityException(
           "You don't have the rights to alter [{}]".format(obj))
   
       if g.user.is_anonymous:
           if raise_if_false:
               raise security_exception
           return False
       roles = [r.name for r in get_user_roles()]
       if 'Admin' in roles:
           return True
       session = db.create_scoped_session()
       orig_obj = session.query(obj.__class__).filter_by(id=obj.id).first()
   
       # Making a list of owners that works across ORM models
       owners = []
       if hasattr(orig_obj, 'owners'):
           owners += orig_obj.owners
       if hasattr(orig_obj, 'owner'):
           owners += [orig_obj.owner]
       if hasattr(orig_obj, 'created_by'):
           owners += [orig_obj.created_by]
   
       owner_names = [o.username for o in owners if o]
   
       if (
               g.user and hasattr(g.user, 'username') and
               g.user.username in owner_names):
           return True
       if raise_if_false:
           raise security_exception
       else:
           return False
   ```

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org