mirror of https://github.com/apache/superset.git
fix: Catalog with restricted permissions produces an error during database connection (#29257)
This commit is contained in:
parent
16c449748a
commit
37753cbdc2
|
@ -116,3 +116,4 @@ docker/requirements-local.txt
|
|||
|
||||
cache/
|
||||
docker/*local*
|
||||
.temp_cache
|
||||
|
|
|
@ -40,6 +40,7 @@ from superset.commands.database.ssh_tunnel.exceptions import (
|
|||
from superset.commands.database.test_connection import TestConnectionDatabaseCommand
|
||||
from superset.daos.database import DatabaseDAO
|
||||
from superset.daos.exceptions import DAOCreateFailedError
|
||||
from superset.databases.ssh_tunnel.models import SSHTunnel
|
||||
from superset.exceptions import SupersetErrorsException
|
||||
from superset.extensions import db, event_logger, security_manager
|
||||
from superset.models.core import Database
|
||||
|
@ -82,7 +83,7 @@ class CreateDatabaseCommand(BaseCommand):
|
|||
"{}",
|
||||
)
|
||||
|
||||
ssh_tunnel = None
|
||||
ssh_tunnel: Optional[SSHTunnel] = None
|
||||
|
||||
try:
|
||||
database = self._create_database()
|
||||
|
@ -115,19 +116,11 @@ class CreateDatabaseCommand(BaseCommand):
|
|||
catalogs = [None]
|
||||
|
||||
for catalog in catalogs:
|
||||
for schema in database.get_all_schema_names(
|
||||
catalog=catalog,
|
||||
cache=False,
|
||||
ssh_tunnel=ssh_tunnel,
|
||||
):
|
||||
security_manager.add_permission_view_menu(
|
||||
"schema_access",
|
||||
security_manager.get_schema_perm(
|
||||
database.database_name,
|
||||
catalog,
|
||||
schema,
|
||||
),
|
||||
)
|
||||
try:
|
||||
self.add_schema_permissions(database, catalog, ssh_tunnel)
|
||||
except Exception: # pylint: disable=broad-except
|
||||
logger.warning("Error processing catalog '%s'", catalog)
|
||||
continue
|
||||
|
||||
except (
|
||||
SSHTunnelInvalidError,
|
||||
|
@ -159,6 +152,26 @@ class CreateDatabaseCommand(BaseCommand):
|
|||
|
||||
return database
|
||||
|
||||
def add_schema_permissions(
|
||||
self,
|
||||
database: Database,
|
||||
catalog: str,
|
||||
ssh_tunnel: Optional[SSHTunnel],
|
||||
) -> None:
|
||||
for schema in database.get_all_schema_names(
|
||||
catalog=catalog,
|
||||
cache=False,
|
||||
ssh_tunnel=ssh_tunnel,
|
||||
):
|
||||
security_manager.add_permission_view_menu(
|
||||
"schema_access",
|
||||
security_manager.get_schema_perm(
|
||||
database.database_name,
|
||||
catalog,
|
||||
schema,
|
||||
),
|
||||
)
|
||||
|
||||
def validate(self) -> None:
|
||||
exceptions: list[ValidationError] = []
|
||||
sqlalchemy_uri: Optional[str] = self._properties.get("sqlalchemy_uri")
|
||||
|
|
Loading…
Reference in New Issue