pt
/
superset
mirror of https://github.com/apache/superset.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add PUBLIC_ROLE_LIKE_GAMMA config flag (#473)

This commit is contained in:
Andrii Sydorchuk 2016-05-17 00:24:43 -04:00 committed by Maxime Beauchemin
parent 2620aeca02
commit 8a406b18f5
3 changed files with 36 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
caravel/config.py
View File

@ -93,6 +93,15 @@ AUTH_TYPE = AUTH_DB
# { 'name': 'AOL', 'url': 'http://openid.aol.com/<username>' },
# { 'name': 'Flickr', 'url': 'http://www.flickr.com/<username>' },
# { 'name': 'MyOpenID', 'url': 'https://www.myopenid.com' }]
# ---------------------------------------------------
# Roles config
# ---------------------------------------------------
# Grant public role the same set of permissions as for the GAMMA role.
# This is useful if one wants to enable anonymous users to view
# dashboards. Explicit grant on specific datasets is still required.
PUBLIC_ROLE_LIKE_GAMMA = False
# ---------------------------------------------------
# Babel config for translations
# ---------------------------------------------------

37
caravel/utils.py
View File

@ -154,6 +154,7 @@ def init(caravel):
sm = caravel.appbuilder.sm
alpha = sm.add_role("Alpha")
admin = sm.add_role("Admin")
config = caravel.app.config
merge_perm(sm, 'all_datasource_access', 'all_datasource_access')
@ -167,24 +168,28 @@ def init(caravel):
sm.add_permission_role(alpha, perm)
sm.add_permission_role(admin, perm)
gamma = sm.add_role("Gamma")
public_role = sm.find_role("Public")
public_role_like_gamma = \
public_role and config.get('PUBLIC_ROLE_LIKE_GAMMA', False)
for perm in perms:
if(
perm.view_menu and perm.view_menu.name not in (
'ResetPasswordView',
'RoleModelView',
'UserDBModelView',
'Security') and
perm.permission.name not in (
'all_datasource_access',
'can_add',
'can_download',
'can_delete',
'can_edit',
'can_save',
'datasource_access',
'muldelete',
)):
if (perm.view_menu and perm.view_menu.name not in (
'ResetPasswordView',
'RoleModelView',
'UserDBModelView',
'Security') and
perm.permission.name not in (
'all_datasource_access',
'can_add',
'can_download',
'can_delete',
'can_edit',
'can_save',
'datasource_access',
'muldelete',
)):
sm.add_permission_role(gamma, perm)
if public_role_like_gamma:
sm.add_permission_role(public_role, perm)
session = db.session()
table_perms = [
table.perm for table in session.query(models.SqlaTable).all()]

22
tests/core_tests.py
View File

@ -24,6 +24,7 @@ app.config['TESTING'] = True
app.config['CSRF_ENABLED'] = False
app.config['SECRET_KEY'] = 'thisismyscretkey'
app.config['WTF_CSRF_ENABLED'] = False
app.config['PUBLIC_ROLE_LIKE_GAMMA'] = True
BASE_DIR = app.config.get("BASE_DIR")
cli = imp.load_source('cli', BASE_DIR + "/bin/caravel")
@ -68,20 +69,9 @@ class CaravelTestCase(unittest.TestCase):
public_role = appbuilder.sm.find_role('Public')
perms = db.session.query(ab_models.PermissionView).all()
for perm in perms:
if perm.permission.name not in (
'can_list',
'can_dashboard',
'can_explore',
'datasource_access'):
continue
if not perm.view_menu:
continue
if perm.view_menu.name not in (
'SliceModelView',
'DashboardModelView',
'Caravel') and dashboard_name not in perm.view_menu.name:
continue
appbuilder.sm.add_permission_role(public_role, perm)
if (perm.permission.name == 'datasource_access' and
perm.view_menu and dashboard_name in perm.view_menu.name):
appbuilder.sm.add_permission_role(public_role, perm)
class CoreTests(CaravelTestCase):
@ -195,9 +185,9 @@ class CoreTests(CaravelTestCase):
data = resp.data.decode('utf-8')
assert '<a href="/caravel/dashboard/births/">' not in data
resp = self.client.get('/caravel/dashboard/births/')
resp = self.client.get('/caravel/explore/table/3/', follow_redirects=True)
data = resp.data.decode('utf-8')
assert '[dashboard] Births' not in data
assert "You don&#39;t seem to have access to this datasource" in data
self.setup_public_access_for_dashboard('birth_names')