* fix: change public role like gamma procedure
* lint and updating UPDATING with breaking change
* fix updating text
* add test and support PUBLIC_ROLE_LIKE_GAMMA
* fix, cleanup tests
* fix, new test
* fix, public default
* Update superset/config.py
Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>
* add simple public welcome page
Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>
* fix(permissions): alpha role is inconsistent
* reverse and allow Alpha to access manager menu
* Bump FAB to 3.0.1rc1 to include del permission fix
* add docs, tests and UPDATING
* EOL
* Fix query view for Alpha
* chore: bump pyhton dependencies
* bump flask-testing
* Add note to UPDATING and bump flask-testing in requirements-dev.txt
* fix old sqlparse test case that is fixed with sqlparse==0.3.1
* Fix migration and sqlparse set test
* downgrade alembic
* Downgrade sqlalchemy-utils
* pin sqlalchemy-utils due to regression in 0.36.5
* Refine comment in setup.py
* make cachelib an explicit requirement
* Support and apply filters.
* Added the UI for row level security, and moved it all under SQLA in order to access the Table model more easily.
* Added a row level security filter documentation entry.
* Accidentally added two new lines to this file.
* Blacked and iSorted, hopefully. Also, sometimes g.user may not be set.
* Another isort, and handling g not having a user attribute another way.
* Let's try this again #CI tests.
* Adjusted import order for isort; I was sure I'd already done this..
* Row level filters should be wrapped in parentheses in case one contains an OR.
* Oops, did not think that would change Black's formatting.
* Changes as per @mistercrunch.
* RLS filters are now many-to-many with Roles.
* Updated documentation to reflect RLS filters supporting multiple rows.
* Let's see what happens when I set it to the previous revision ID
* Updated from upstream.
* There was a pylint error.
* Added RLS ids to the cache keys; modified documentation; added template processing to RLS filters.
* A new migration was merged in.
* Removed RLS cache key from query_object.
* RLS added to the cache_key from query_context.
* Changes as per @etr2460.
* Updating entry for RLS pull request.
* Another migration to skip.
* Changes as per @serenajiang.
* Blacked.
* Blacked and added some attributes to check for.
* Changed to a manual query as per @mistercrunch.
* Blacked.
* Another migration in the meantime.
* Black wanted some whitespace changes.
* AttributeError: 'AnonymousUserMixin' object has no attribute 'id'.
* Oops, did hasattr backwards.
* Changes as per @mistercrunch.
* Doesn't look like text us required here anymore.
* Changes as per @dpgaspar
* Two RLS tests.
* Row level security is now disabled by default via the feature flag ENABLE_ROW_LEVEL_SECURITY.
* New head to revise.
* Changed the comment.
* Add feature flags to control query sharing, KV exposure
* Add tests, fix bug
* Skip test for kv endpoints when they are disabled
* ESLint fixes
* Remove unnecessary binds
* Fix eslint errors
* Add note to UPDATING.md RE: new feature flag options
* Use expanded version of RBAC
* Enable KV_STORE and SHARE_QUERIES_VIA_KV_STORE feature flags in the test environment
* Fix black
* Disable deprecated druid connector by default
* Add a line in UPDATING.md for the configuration change
* Remove security tests related default-disabled feature
* More test updates
* black
* chore: deprecate restricted metrics
An early community contribution added the concept of restricted metrics.
The idea was to allow for some metrics to be restricted, and if a metric
was tagged as such, a user would need to be given access to that metric
more explicitely, through a special perm we would maintain for that
metric.
Now since the new concept of "Adhoc Metrics", the popover that lets a
user pick a column and an aggregate function or to write their own SQL
expression inline, this restriction is completely bypassed. Adhoc
metrics was developed without the restricted metrics in mind.
Anyhow, in the near future, we'll be rethinking the ideas behind
data-access permissions, and things like column-level or row-level
security will be redesigned from scratch.
By deprecating this feature, we're removing a confusing and mostly broken
feature, and making it easy to move forward
* Use context manager to drop columns
* disable jest's maxWorkers
John Bodley
Ville Brofeldt
Daniel Vaz Gaspar
Grace Guo
Craig Rueda
Hossein Torabi
Bogdan
David Aaron Suddjian
altef
Will Barrett
Beto Dealmeida
Erik Ritter
serenajiang
Maxime Beauchemin