2022-01-20 14:27:57 -05:00
|
|
|
# Licensed to the Apache Software Foundation (ASF) under one
|
|
|
|
# or more contributor license agreements. See the NOTICE file
|
|
|
|
# distributed with this work for additional information
|
|
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
|
|
# to you under the Apache License, Version 2.0 (the
|
|
|
|
# "License"); you may not use this file except in compliance
|
|
|
|
# with the License. You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing,
|
|
|
|
# software distributed under the License is distributed on an
|
|
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
|
|
# KIND, either express or implied. See the License for the
|
|
|
|
# specific language governing permissions and limitations
|
|
|
|
# under the License.
|
|
|
|
import json
|
|
|
|
from unittest.mock import patch
|
|
|
|
|
|
|
|
import pytest
|
|
|
|
from flask_appbuilder.security.sqla.models import User
|
|
|
|
from sqlalchemy.orm import Session
|
|
|
|
|
|
|
|
from superset.connectors.sqla.models import SqlaTable
|
|
|
|
from superset.datasets.commands.exceptions import DatasetAccessDeniedError
|
2022-01-25 09:14:50 -05:00
|
|
|
from superset.explore.form_data.commands.state import TemporaryExploreState
|
2022-01-20 14:27:57 -05:00
|
|
|
from superset.extensions import cache_manager
|
|
|
|
from superset.models.slice import Slice
|
2022-06-21 07:22:39 -04:00
|
|
|
from superset.utils.core import DatasourceType
|
2022-01-20 14:27:57 -05:00
|
|
|
from tests.integration_tests.fixtures.world_bank_dashboard import (
|
|
|
|
load_world_bank_dashboard_with_slices,
|
|
|
|
load_world_bank_data,
|
|
|
|
)
|
|
|
|
from tests.integration_tests.test_app import app
|
|
|
|
|
2022-03-16 19:15:52 -04:00
|
|
|
KEY = "test-key"
|
|
|
|
INITIAL_FORM_DATA = json.dumps({"test": "initial value"})
|
|
|
|
UPDATED_FORM_DATA = json.dumps({"test": "updated value"})
|
2022-01-20 14:27:57 -05:00
|
|
|
|
|
|
|
|
|
|
|
@pytest.fixture
|
|
|
|
def chart_id(load_world_bank_dashboard_with_slices) -> int:
|
|
|
|
with app.app_context() as ctx:
|
|
|
|
session: Session = ctx.app.appbuilder.get_session
|
|
|
|
chart = session.query(Slice).filter_by(slice_name="World's Population").one()
|
|
|
|
return chart.id
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.fixture
|
|
|
|
def admin_id() -> int:
|
|
|
|
with app.app_context() as ctx:
|
|
|
|
session: Session = ctx.app.appbuilder.get_session
|
|
|
|
admin = session.query(User).filter_by(username="admin").one()
|
|
|
|
return admin.id
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.fixture
|
2022-06-02 19:48:16 -04:00
|
|
|
def datasource() -> int:
|
2022-01-20 14:27:57 -05:00
|
|
|
with app.app_context() as ctx:
|
|
|
|
session: Session = ctx.app.appbuilder.get_session
|
|
|
|
dataset = (
|
|
|
|
session.query(SqlaTable)
|
|
|
|
.filter_by(table_name="wb_health_population")
|
|
|
|
.first()
|
|
|
|
)
|
2022-06-02 19:48:16 -04:00
|
|
|
return dataset
|
2022-01-20 14:27:57 -05:00
|
|
|
|
|
|
|
|
|
|
|
@pytest.fixture(autouse=True)
|
2022-06-02 19:48:16 -04:00
|
|
|
def cache(chart_id, admin_id, datasource):
|
2022-01-25 09:14:50 -05:00
|
|
|
entry: TemporaryExploreState = {
|
|
|
|
"owner": admin_id,
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-01-25 09:14:50 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": INITIAL_FORM_DATA,
|
2022-01-25 09:14:50 -05:00
|
|
|
}
|
2022-03-16 19:15:52 -04:00
|
|
|
cache_manager.explore_form_data_cache.set(KEY, entry)
|
2022-01-20 14:27:57 -05:00
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_post(test_client, login_as_admin, chart_id: int, datasource: SqlaTable):
|
2022-01-20 14:27:57 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-01-25 09:14:50 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": INITIAL_FORM_DATA,
|
2022-01-20 14:27:57 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data", json=payload)
|
2022-01-20 14:27:57 -05:00
|
|
|
assert resp.status_code == 201
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_post_bad_request_non_string(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
2022-01-20 14:27:57 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-01-25 09:14:50 -05:00
|
|
|
"chart_id": chart_id,
|
|
|
|
"form_data": 1234,
|
2022-01-20 14:27:57 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data", json=payload)
|
2022-01-20 14:27:57 -05:00
|
|
|
assert resp.status_code == 400
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_post_bad_request_non_json_string(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
2022-03-16 19:15:52 -04:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-03-16 19:15:52 -04:00
|
|
|
"chart_id": chart_id,
|
|
|
|
"form_data": "foo",
|
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data", json=payload)
|
2022-03-16 19:15:52 -04:00
|
|
|
assert resp.status_code == 400
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_post_access_denied(
|
|
|
|
test_client, login_as, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
|
|
|
login_as("gamma")
|
2022-01-20 14:27:57 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-01-25 09:14:50 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": INITIAL_FORM_DATA,
|
2022-01-20 14:27:57 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data", json=payload)
|
2022-08-09 12:59:31 -04:00
|
|
|
assert resp.status_code == 403
|
2022-01-20 14:27:57 -05:00
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_post_same_key_for_same_context(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
2022-02-14 15:09:06 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-02-14 15:09:06 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": UPDATED_FORM_DATA,
|
2022-02-14 15:09:06 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data?tab_id=1", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
first_key = data.get("key")
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data?tab_id=1", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
second_key = data.get("key")
|
|
|
|
assert first_key == second_key
|
|
|
|
|
|
|
|
|
|
|
|
def test_post_different_key_for_different_context(
|
2022-07-14 21:10:31 -04:00
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
2022-02-14 15:09:06 -05:00
|
|
|
):
|
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-02-14 15:09:06 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": UPDATED_FORM_DATA,
|
2022-02-14 15:09:06 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data?tab_id=1", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
first_key = data.get("key")
|
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": json.dumps({"test": "initial value"}),
|
2022-02-14 15:09:06 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data?tab_id=1", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
second_key = data.get("key")
|
|
|
|
assert first_key != second_key
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_post_same_key_for_same_tab_id(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
2022-02-14 15:09:06 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-02-14 15:09:06 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": json.dumps({"test": "initial value"}),
|
2022-02-14 15:09:06 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data?tab_id=1", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
first_key = data.get("key")
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data?tab_id=1", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
second_key = data.get("key")
|
|
|
|
assert first_key == second_key
|
|
|
|
|
|
|
|
|
|
|
|
def test_post_different_key_for_different_tab_id(
|
2022-07-14 21:10:31 -04:00
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
2022-02-14 15:09:06 -05:00
|
|
|
):
|
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-02-14 15:09:06 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": json.dumps({"test": "initial value"}),
|
2022-02-14 15:09:06 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data?tab_id=1", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
first_key = data.get("key")
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data?tab_id=2", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
second_key = data.get("key")
|
|
|
|
assert first_key != second_key
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_post_different_key_for_no_tab_id(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
2022-02-14 15:09:06 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-02-14 15:09:06 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": INITIAL_FORM_DATA,
|
2022-02-14 15:09:06 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
first_key = data.get("key")
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.post("api/v1/explore/form_data", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
second_key = data.get("key")
|
|
|
|
assert first_key != second_key
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_put(test_client, login_as_admin, chart_id: int, datasource: SqlaTable):
|
2022-01-20 14:27:57 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-01-25 09:14:50 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": UPDATED_FORM_DATA,
|
2022-01-20 14:27:57 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}", json=payload)
|
2022-01-20 14:27:57 -05:00
|
|
|
assert resp.status_code == 200
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_put_same_key_for_same_tab_id(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
2022-02-14 15:09:06 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-02-14 15:09:06 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": UPDATED_FORM_DATA,
|
2022-02-14 15:09:06 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}?tab_id=1", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
first_key = data.get("key")
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}?tab_id=1", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
second_key = data.get("key")
|
|
|
|
assert first_key == second_key
|
|
|
|
|
|
|
|
|
2022-06-02 19:48:16 -04:00
|
|
|
def test_put_different_key_for_different_tab_id(
|
2022-07-14 21:10:31 -04:00
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
2022-06-02 19:48:16 -04:00
|
|
|
):
|
2022-02-14 15:09:06 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-02-14 15:09:06 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": UPDATED_FORM_DATA,
|
2022-02-14 15:09:06 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}?tab_id=1", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
first_key = data.get("key")
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}?tab_id=2", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
second_key = data.get("key")
|
|
|
|
assert first_key != second_key
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_put_different_key_for_no_tab_id(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
2022-02-14 15:09:06 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-02-14 15:09:06 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": UPDATED_FORM_DATA,
|
2022-02-14 15:09:06 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
first_key = data.get("key")
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}", json=payload)
|
2022-02-14 15:09:06 -05:00
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
|
|
|
second_key = data.get("key")
|
|
|
|
assert first_key != second_key
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_put_bad_request(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
2022-01-20 14:27:57 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-01-25 09:14:50 -05:00
|
|
|
"chart_id": chart_id,
|
|
|
|
"form_data": 1234,
|
2022-01-20 14:27:57 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}", json=payload)
|
2022-03-16 19:15:52 -04:00
|
|
|
assert resp.status_code == 400
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_put_bad_request_non_string(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
2022-03-16 19:15:52 -04:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-03-16 19:15:52 -04:00
|
|
|
"chart_id": chart_id,
|
|
|
|
"form_data": 1234,
|
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}", json=payload)
|
2022-03-16 19:15:52 -04:00
|
|
|
assert resp.status_code == 400
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_put_bad_request_non_json_string(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable
|
|
|
|
):
|
2022-03-16 19:15:52 -04:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-03-16 19:15:52 -04:00
|
|
|
"chart_id": chart_id,
|
|
|
|
"form_data": "foo",
|
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}", json=payload)
|
2022-01-20 14:27:57 -05:00
|
|
|
assert resp.status_code == 400
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_put_access_denied(test_client, login_as, chart_id: int, datasource: SqlaTable):
|
|
|
|
login_as("gamma")
|
2022-01-20 14:27:57 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-01-25 09:14:50 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": UPDATED_FORM_DATA,
|
2022-01-20 14:27:57 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}", json=payload)
|
2022-08-09 12:59:31 -04:00
|
|
|
assert resp.status_code == 403
|
2022-01-20 14:27:57 -05:00
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_put_not_owner(test_client, login_as, chart_id: int, datasource: SqlaTable):
|
|
|
|
login_as("gamma")
|
2022-01-20 14:27:57 -05:00
|
|
|
payload = {
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
|
|
|
"datasource_type": datasource.type,
|
2022-01-25 09:14:50 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": UPDATED_FORM_DATA,
|
2022-01-20 14:27:57 -05:00
|
|
|
}
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.put(f"api/v1/explore/form_data/{KEY}", json=payload)
|
2022-08-09 12:59:31 -04:00
|
|
|
assert resp.status_code == 403
|
2022-01-20 14:27:57 -05:00
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_get_key_not_found(test_client, login_as_admin):
|
|
|
|
resp = test_client.get(f"api/v1/explore/form_data/unknown-key")
|
2022-01-20 14:27:57 -05:00
|
|
|
assert resp.status_code == 404
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_get(test_client, login_as_admin):
|
|
|
|
resp = test_client.get(f"api/v1/explore/form_data/{KEY}")
|
2022-01-20 14:27:57 -05:00
|
|
|
assert resp.status_code == 200
|
|
|
|
data = json.loads(resp.data.decode("utf-8"))
|
2022-03-16 19:15:52 -04:00
|
|
|
assert INITIAL_FORM_DATA == data.get("form_data")
|
2022-01-20 14:27:57 -05:00
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_get_access_denied(test_client, login_as):
|
|
|
|
login_as("gamma")
|
|
|
|
resp = test_client.get(f"api/v1/explore/form_data/{KEY}")
|
2022-08-09 12:59:31 -04:00
|
|
|
assert resp.status_code == 403
|
2022-01-20 14:27:57 -05:00
|
|
|
|
|
|
|
|
|
|
|
@patch("superset.security.SupersetSecurityManager.can_access_datasource")
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_get_dataset_access_denied(
|
|
|
|
mock_can_access_datasource, test_client, login_as_admin
|
|
|
|
):
|
2022-01-20 14:27:57 -05:00
|
|
|
mock_can_access_datasource.side_effect = DatasetAccessDeniedError()
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.get(f"api/v1/explore/form_data/{KEY}")
|
2022-01-20 14:27:57 -05:00
|
|
|
assert resp.status_code == 403
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_delete(test_client, login_as_admin):
|
|
|
|
resp = test_client.delete(f"api/v1/explore/form_data/{KEY}")
|
2022-01-20 14:27:57 -05:00
|
|
|
assert resp.status_code == 200
|
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_delete_access_denied(test_client, login_as):
|
|
|
|
login_as("gamma")
|
|
|
|
resp = test_client.delete(f"api/v1/explore/form_data/{KEY}")
|
2022-08-09 12:59:31 -04:00
|
|
|
assert resp.status_code == 403
|
2022-01-20 14:27:57 -05:00
|
|
|
|
|
|
|
|
2022-07-14 21:10:31 -04:00
|
|
|
def test_delete_not_owner(
|
|
|
|
test_client, login_as_admin, chart_id: int, datasource: SqlaTable, admin_id: int
|
|
|
|
):
|
2022-01-20 14:27:57 -05:00
|
|
|
another_key = "another_key"
|
|
|
|
another_owner = admin_id + 1
|
2022-01-25 09:14:50 -05:00
|
|
|
entry: TemporaryExploreState = {
|
|
|
|
"owner": another_owner,
|
2022-06-02 19:48:16 -04:00
|
|
|
"datasource_id": datasource.id,
|
2022-06-21 07:22:39 -04:00
|
|
|
"datasource_type": DatasourceType(datasource.type),
|
2022-01-25 09:14:50 -05:00
|
|
|
"chart_id": chart_id,
|
2022-03-16 19:15:52 -04:00
|
|
|
"form_data": INITIAL_FORM_DATA,
|
2022-01-25 09:14:50 -05:00
|
|
|
}
|
|
|
|
cache_manager.explore_form_data_cache.set(another_key, entry)
|
2022-07-14 21:10:31 -04:00
|
|
|
resp = test_client.delete(f"api/v1/explore/form_data/{another_key}")
|
2022-01-20 14:27:57 -05:00
|
|
|
assert resp.status_code == 403
|