Migrates and completely removes: '/superset/table/<database_id>/<table_name>/<schema>/'
- Guarantees database filtering based on the user permissions
- Full OpenAPI spec
- Better error handling
* fix: shut off all uneeded endpoints
We recently added a new feature to FAB allowing to whitelist the needed
endpoints in ModelView and ModelRestApi.
First, we set our base wrapper class to an empty set, forcing each
class inheriting from it to explicitely turn on the endpoints that
Superset intends to use.
Second, we go ModelView by ModelView to whitelist the actual endpoints
used in the app.
Notes:
* as a result a large set of [unneeded] permissions should be cleaned up
* outside of the "private" use of endpoints in the app, people that have
been using endpoints in their environment for other purposes may
experience loss of functionality
* Tweaking
* Reduce the amount of endpoints using white lists
* Fix, included needed endpoints for dashboard and druid
* Drying things up
* fixes
* limiting more endpoints
* Read only on some FAB model views
* fixing some tests
* fixes
* Fixing more tests
* Addressing comments
* Drying up route_methods
* further drying
Co-authored-by: Daniel Vaz Gaspar <danielvazgaspar@gmail.com>
* [dashboards] New, API for Bulk delete
* [dashboards] Tests
* [dashboards] Fix not found on multiple delete
* [dashboards] Bulk delete partial deletes on not owned dashes
* [dashboards] Improve OpenAPI spec and tests
* [dashboards] Test for bad request
* [dashboards] i18n
* [dashboards] black
* [dashboard] make bulk all or nothing
* [dashboard] Log on sqlalchemy error
* [dashboard] Log on sqlalchemy error
* [charts] New REST API
* [charts] Small improvements
* [charts] Fix, lint
* [charts] Tests and datasource validation
* [charts] Fix, lint
* [charts] DRY post schemas
* [charts] lint and improve type declarations
* [charts] DRY owned REST APIs
* [charts] Small fixes
* [charts] More tests
* [charts] Tests and DRY
* [charts] Tests for update
* [charts] More tests
* [charts] Fix, isort
* [charts] DRY and improve quality
* [charts] DRY and more tests
* [charts] Refactor base for api and schemas
* [charts] Fix bug on partial updates for dashboards
* [charts] Fix missing apache license
* black app.py after merge
* [charts] Fix, missing imports and black
* [api] Log on sqlalchemy error
* [api] isort
* Use PyArrow Table for query result serialization
* Cleanup dev comments
* Additional cleanup
* WIP: tests
* Remove explicit dtype logic from db_engine_specs
* Remove obsolete column property
* SupersetTable column types
* Port SupersetDataFrame methods to SupersetTable
* Add test for nullable boolean columns
* Support datetime values with timezone offsets
* Black formatting
* Pylint
* More linting/formatting
* Resolve issue with timezones not appearing in results
* Types
* Enable running of tests in tests/db_engine_specs
* Resolve application context errors
* Refactor and add tests for pyodbc.Row conversion
* Appease isort, regardless of isort:skip
* Re-enable RESULTS_BACKEND_USE_MSGPACK default based on benchmarks
* Dataframe typing and nits
* Renames to reduce ambiguity
* Require the SQLAlchemy URI when creating a database
* Add migration to make dbs.sqlalchemy_uri not-nullable
* Fixes for black, isort, tests
* Alter migration to use current revision from master as downgrade target
* Update tests to support new db constraint
* black
* re-enable pylint for superset/common/query_context.py
* Re-enable pylint for superset/connectors/base/views.py
* re-enable pylint for superset/connectors/connector_registry.py
* Re-enable pylint for tests/fixtures/pyodbcRow.py
* re-enable pylint for superset/cli.py
* Fix for mypy
* Improve variable naming
* A few more naming fixes
* Build support for schema access in Superset and SQLab
* Lint
* Test for old and new flask
* Black formatting
* Cleanup modified files
* Support schema permissions
* Add migration
* Make it work for slices as well
* TODO and remove unused field
* Apply schema access check to dashboards as well
Cleaner schema permissions check
Fetch schema permissions in 1 query
Bugfix
Better datasource check
Use security manager for permissions checks and remove dead code
Properly handle anon user
Add database permissions on the database updates
Fix schema filtering
Lint / flake changes
Increase cypress request timeout
Run black
Resolve multiple alembic heads
* Use set comprehensions
* Fixes for the pylint
* Disable deprecated druid connector by default
* Add a line in UPDATING.md for the configuration change
* Remove security tests related default-disabled feature
* More test updates
* black
* First cut at app factory
* Setting things back to master
* Working with new FLASK_APP
* Still need to refactor Celery
* CLI mostly working
* Working on unit tests
* Moving cli stuff around a bit
* Removing get in config
* Defaulting test config
* Adding flask-testing
* flask-testing casing
* resultsbackend property bug
* Fixing up cli
* Quick fix for KV api
* Working on save slice
* Fixed core_tests
* Fixed utils_tests
* Most tests working - still need to dig into remaining app_context issue in tests
* All tests passing locally - need to update code comments
* Fixing dashboard tests again
* Blacking
* Sorting imports
* linting
* removing envvar mangling
* blacking
* Fixing unit tests
* isorting
* licensing
* fixing mysql tests
* fixing cypress?
* fixing .flaskenv
* fixing test app_ctx
* fixing cypress
* moving manifest processor around
* moving results backend manager around
* Cleaning up __init__ a bit more
* Addressing PR comments
* Addressing PR comments
* Blacking
* Fixes for running celery worker
* Tuning isort
* Blacking
* adds react based menu for welcome view
* bump fab
* better logic in common_bootstrap_payload
* split up files
* fix spacing and module scope styles
* lint
* render correct template for welcome
* [fix] csv upload when table metadata present
* Remove table from hive spec
* Move upload before table metadata creation
* Refine upload logic, dd unit tests and fix translations
* Use ALLOWED_EXTENSIONS from config
* Address review comments
* Fix error message grammar
* Add return type to hive csv upload and replace first with one_or_none
Daniel Vaz Gaspar
Rob DiCiuccio
John Bodley
Erik Ritter
Maxime Beauchemin
Ville Brofeldt
ʈᵃᵢ
serenajiang
Craig Rueda
David Aaron Suddjian
Will Barrett
Bogdan
Beto Dealmeida
Dinesh Sawant
Hossein Torabi