* feat: deprecate old API and create new API for dashes created by me
* add tests
* fix previous test
* fix test and lint
* fix sqlite test
* fix lint
* fix lint
* lint
* fix tests
* fix tests
* use dashboards get list instead
* clean unnecessary marshmallow schema
* Update superset/views/core.py
Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>
* lint
Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>
* Update drill+sadrill to specify an SA URL parm of "impersonation_target".
Sqlalchemy-drill is being updated to support impersonation with the
drill+sadrill driver, where previously it did not. The way that callers
should specify impersonation matches that for the drill+jdbc driver in that
a SA URL parameter of impersonation_target should be set to the username
of the user to be impersonated, while the stadard SA username and password
should be those of the proxy user.
* Remove lint.
* Address review comments.
* Use idiomatic pytest to test for a raised exception.
* Fix import statement order in drill.py.
* embedded dashboard model
* embedded dashboard endpoints
* DRY up using the with_dashboard decorator elsewhere
* wip
* check feature flags and permissions
* wip
* sdk
* urls
* dao option for id column
* got it working
* Update superset/embedded/view.py
* use the curator check
* put back old endpoint, for now
* allow access by either embedded.uuid or dashboard.id
* keep the old endpoint around, for the time being
* openapi
* lint
* lint
* lint
* test stuff
* lint, test
* typo
* Update superset-frontend/src/embedded/index.tsx
* Update superset-frontend/src/embedded/index.tsx
* fix tests
* bump sdk
* remove depracted keys and associated methods
* remove api methods and tablemodel views
* remove deprecated api and unsued vars
* reremove schedules
* readd code
* fix pylint
* run black
* remove test
* core select start test
* add suggested changes
* chore: bump celery, Flask, flask-jwt-extended, pyJWT
* fix pyJWT breaking change
* fix pyJWT breaking change 2
* test
* fixed test
* fixed test
* fixed test
* revert since mypy won't pick the correct signature
* lint 1
* fix test
* fix test
* docs and celery config migration
* bump FAB to 4.0.0rc3, remove AUTH_STRICT_RESPONSE_CODES
* update docs for new celery config keys
* downgrade celery to 5.2.2
* ref FAB to final 4.0.0 release
* remove conflict left over
* remove ENABLE_REACT_CRUD_VIEWS feature flag
* docs
* deal with problematic tests
* empty test suite
* skip test
* test conditions changed
* removing the tests instead of skipping
* feat: helper functions for RLS
* Add function to inject RLS
* Add UNION tests
* Add tests for schema
* Add more tests; cleanup
* has_table_query via tree traversal
* Wrap existing predicate in parenthesis
* Clean up logic
* Improve table matching
* wip
* add force cahce bypass option to alerts
* remove default for alerts to bypass cache
* save for now
* save for now
* fix
* commenting out for now
* fix linting
* remove link
* add back force id test
* add frontend test
* address
* SQL-TOP Fix For Database Engines
MSSQL is not supporting LIMIT syntax in SQLs. For limiting the rows, MSSQL having a different keyword TOP. Added fixes for handling the TOP and LIMIT clauses based on the database engines.
* Teradata code for top clause handling removed from teradata.py
Teradata code for top clause handling removed from teradata.py file, since we added generic section in base engine for the same.
* Changes to handle CTE along with TOP in complex SQLs
Added changes to handle TOP command in CTEs, for DB Engines which are not supporting inline CTEs.
* Test cases for TOP unit testing in MSSQL
Added multiple unit test cases for MSSQL top command handling and also along with CTEs
* Corrected the select_keywords name key in basengine
Corrected the select_keywords name key in basengine
* Changes based on as per review.
made the required corrections based on code review to keep good code readability and code cleanliness.
* Review changes to correct lint and typo issues
Made the changes according to the review comments.
* fix linting errors
* fix teradata tests
* add coverage
* lint
* Code cleanliness
Moved the top/limit flag check from sql_lab to core.
* Changed for code cleanliness
Changes for keeping code cleanliness
* Corrected lint issue
Corrected lint issue.
* Code cleanliness
Code cleanliness
Co-authored-by: Ville Brofeldt <ville.v.brofeldt@gmail.com>
* more data nav menu
* fix lint and fix nav css
* update test and remove icons
* Update superset-frontend/src/views/components/Menu.test.tsx
Co-authored-by: Hugh A. Miles II <hughmil3s@gmail.com>
* Apply suggestions from code review
* use backend app.link to show new nav changes
* fix lint
* update test
* usetheme and remove chaining
* add more suggestions
* fix lint
* add allowed extensions to bootstrap and hard code links
* remove backend links
* fix test
* add extensions to frontend conf
* fix test and add be changes
* test is python test passes
* update python test and reremove app links
* fix ts and add t's
Co-authored-by: Hugh A. Miles II <hughmil3s@gmail.com>
* add aud claim and type for guest token
* update test
* lint
* make jwt audience configurable
* lint
* Apply suggestions from code review
Co-authored-by: David Aaron Suddjian <1858430+suddjian@users.noreply.github.com>
* verify aud
* add tests for aud and type claim
Co-authored-by: David Aaron Suddjian <1858430+suddjian@users.noreply.github.com>
* Fix for handling regular CTE queries with MSSQL,#8074
* Moved the get_cte_query function from mssql.py to base.py for using irrespetcive of dbengine
* Fix for handling regular CTE queries with MSSQL,#8074
* Moved the get_cte_query function from mssql.py to base.py for using irrespetcive of dbengine
* Unit test added for the db engine CTE SQL parsing.
Unit test added for the db engine CTE SQL parsing. Removed additional spaces from the CTE parsing SQL generation.
* implement in sqla model
* lint + cleanup
Co-authored-by: Ville Brofeldt <ville.v.brofeldt@gmail.com>
* Assign an owner when creating a dataset from a csv, excel or columnar
* Added some unit tests
* Code cleanup
* Removed blank line
* Attempt to fix a broken test
* Attempt # 2 to fix a broken test
* Attempt # 3 to fix a broken test
* Attempt # 4 to fix a broken test
* Attempt # 5 to fix a broken test
* Attempt # 6 to fix a broken test
* Broken test fixed, code cleanup
* feat(dashboard): embedded dashboard UI configuration (#17175) (#17450)
* setup embedded provider
* update ui configuration
* fix test
* feat: Guest token (for embedded dashboard auth) (#17517)
* generate an embed token
* improve existing tests
* add some auth setup, and rename token
* fix the stuff for compatibility with external request loaders
* docs, standard jwt claims, tweaks
* black
* lint
* tests, and safer token decoding
* linting
* type annotation
* prettier
* add feature flag
* quiet pylint
* apparently typing is a problem again
* Make guest role name configurable
* fake being a non-anonymous user
* just one log entry
* customizable algo
* lint
* lint again
* 403 works now!
* get guest token from header instead of cookie
* Revert "403 works now!"
This reverts commit df2f49a6d4.
* fix tests
* Revert "Revert "403 works now!""
This reverts commit 883dff38f1.
* rename method
* correct import
* feat: entry for embedded dashboard (#17529)
* create entry for embedded dashboard in webpack
* add cookies
* lint
* token message handshake
* guestTokenHeaderName
* use setupClient instead of calling configure
* rename the webpack chunk
* simplified handshake
* embedded entrypoint: render a proper app
* make the embedded page accept anonymous connections
* format
* lint
* fix test
# Conflicts:
# superset-frontend/src/embedded/index.tsx
# superset/views/core.py
* lint
* Update superset-frontend/src/embedded/index.tsx
Co-authored-by: David Aaron Suddjian <1858430+suddjian@users.noreply.github.com>
* comment out origins checks
* move embedded for core to dashboard
* pylint
* isort
Co-authored-by: David Aaron Suddjian <aasuddjian@gmail.com>
Co-authored-by: David Aaron Suddjian <1858430+suddjian@users.noreply.github.com>
* feat: Authorizing guest access to embedded dashboards (#17757)
* helper methods and dashboard access
* guest token dashboard authz
* adjust csrf exempt list
* eums don't work that way
* Remove unnecessary import
* move row level security tests to their own file
* a bit of refactoring
* add guest token security tests
* refactor tests
* clean imports
* variable names can be too long apparently
* missing argument to get_user_roles
* don't redefine builtins
* remove unused imports
* fix test import
* default to global user when getting roles
* missing import
* mock it
* test get_user_roles
* infer g.user for ease of tests
* remove redundant check
* tests for guest user security manager fns
* use algo to get rid of warning messages
* tweaking access checks
* fix guest token security tests
* missing imports
* more tests
* more testing and also some small refactoring
* move validation out of parsing
* fix dashboard access check again
* add more test
Co-authored-by: Lily Kuang <lily@preset.io>
* feat: Row Level Security rules for guest tokens (#17836)
* helper methods and dashboard access
* guest token dashboard authz
* adjust csrf exempt list
* eums don't work that way
* Remove unnecessary import
* move row level security tests to their own file
* a bit of refactoring
* add guest token security tests
* refactor tests
* clean imports
* variable names can be too long apparently
* missing argument to get_user_roles
* don't redefine builtins
* remove unused imports
* fix test import
* default to global user when getting roles
* missing import
* mock it
* test get_user_roles
* infer g.user for ease of tests
* remove redundant check
* tests for guest user security manager fns
* use algo to get rid of warning messages
* tweaking access checks
* fix guest token security tests
* missing imports
* more tests
* more testing and also some small refactoring
* move validation out of parsing
* fix dashboard access check again
* rls rules for guest tokens
* test guest token rls rules
* more flexible rls rules
* lint
* fix tests
* fix test
* defaults
* fix some tests
* fix some tests
* lint
Co-authored-by: Lily Kuang <lily@preset.io>
* SupersetClient guest token test
* Apply suggestions from code review
Co-authored-by: Lily Kuang <lily@preset.io>
Co-authored-by: Lily Kuang <lily@preset.io>
* Added code that properly accepts the -s flag on the import-datasources cli command. Also added unit tests for all of the edge cases (with both metrics & columns, with just columns, and with just metrics)
* Files were reformated using the 'pre-commit run --all-files' command
* added '*args: Any' back into v0.py as it did not need to be removed. Removing it might cause headaches for someone trying to work on this particular piece of code in the future
* Fixed the merge conflict as the cli.py was moved to another directory
* Modified my created unit tests to work with the new format of uni tests since the merge
* Modified my created unit tests to work with the new format of uni tests since the merge
* Fixed errors which were encountered while using the unit tests
* feat: Adds a key-value endpoint to store charts form data
* Fixes linting problems
* Removes the query_params from the endpoints
* Refactors the commands
* Removes unused imports
* Changes the parameters to use dataclass
* Adds more access tests
* Gets the first dataset while testing
* Adds unit tests for the check_access function
* Changes the can_access check
* Always check for dataset access
* refactor: replace the way the birth_names data is loaded to DB
* fix failed unit test
* fix failed unit test
* fix failed tests
* fix pass wrong flag of support datetime type
* remove unused fixture
Lily Kuang
Yongjie Zhao
AAfghahi
Jesse Yang
Ville Brofeldt
Daniel Vaz Gaspar
Beto Dealmeida
Elizabeth Thompson
Craig Rueda
Inclusive Coding Bot
David Aaron Suddjian
James Turton
Phillip Kelley-Dotson
John Bodley
PApostol
Stephen Liu
cccs-Dustin
Karthikeyan Singaravelan
Hugh A. Miles II
serenajiang
Corbin Robb
Sujith Kumar S
Grace Guo
Michael S. Molina
Victor Arbues
ofekisr
Dave McNulla
Adam Dobrawy
cccs-joel
Đặng Minh Dũng
Erik Ritter