* fix: shut off all uneeded endpoints
We recently added a new feature to FAB allowing to whitelist the needed
endpoints in ModelView and ModelRestApi.
First, we set our base wrapper class to an empty set, forcing each
class inheriting from it to explicitely turn on the endpoints that
Superset intends to use.
Second, we go ModelView by ModelView to whitelist the actual endpoints
used in the app.
Notes:
* as a result a large set of [unneeded] permissions should be cleaned up
* outside of the "private" use of endpoints in the app, people that have
been using endpoints in their environment for other purposes may
experience loss of functionality
* Tweaking
* Reduce the amount of endpoints using white lists
* Fix, included needed endpoints for dashboard and druid
* Drying things up
* fixes
* limiting more endpoints
* Read only on some FAB model views
* fixing some tests
* fixes
* Fixing more tests
* Addressing comments
* Drying up route_methods
* further drying
Co-authored-by: Daniel Vaz Gaspar <danielvazgaspar@gmail.com>
* Require the SQLAlchemy URI when creating a database
* Add migration to make dbs.sqlalchemy_uri not-nullable
* Fixes for black, isort, tests
* Alter migration to use current revision from master as downgrade target
* Update tests to support new db constraint
* black
* Build support for schema access in Superset and SQLab
* Lint
* Test for old and new flask
* Black formatting
* Cleanup modified files
* Support schema permissions
* Add migration
* Make it work for slices as well
* TODO and remove unused field
* Apply schema access check to dashboards as well
Cleaner schema permissions check
Fetch schema permissions in 1 query
Bugfix
Better datasource check
Use security manager for permissions checks and remove dead code
Properly handle anon user
Add database permissions on the database updates
Fix schema filtering
Lint / flake changes
Increase cypress request timeout
Run black
Resolve multiple alembic heads
* Use set comprehensions
* Fixes for the pylint
* Disable deprecated druid connector by default
* Add a line in UPDATING.md for the configuration change
* Remove security tests related default-disabled feature
* More test updates
* black
* First cut at app factory
* Setting things back to master
* Working with new FLASK_APP
* Still need to refactor Celery
* CLI mostly working
* Working on unit tests
* Moving cli stuff around a bit
* Removing get in config
* Defaulting test config
* Adding flask-testing
* flask-testing casing
* resultsbackend property bug
* Fixing up cli
* Quick fix for KV api
* Working on save slice
* Fixed core_tests
* Fixed utils_tests
* Most tests working - still need to dig into remaining app_context issue in tests
* All tests passing locally - need to update code comments
* Fixing dashboard tests again
* Blacking
* Sorting imports
* linting
* removing envvar mangling
* blacking
* Fixing unit tests
* isorting
* licensing
* fixing mysql tests
* fixing cypress?
* fixing .flaskenv
* fixing test app_ctx
* fixing cypress
* moving manifest processor around
* moving results backend manager around
* Cleaning up __init__ a bit more
* Addressing PR comments
* Addressing PR comments
* Blacking
* Fixes for running celery worker
* Tuning isort
* Blacking
* Typo fix in CONTRIBUTING.md
* Alter references to config.get('FOO') to use preferred config['FOO']
* Set missing configuration constants in superset/config.py
* Misc. CI fixes
* Add type annotation for FEATURE_FLATGS
* 7620: Start removing dependencies on requests
* Patch urllib.request.urlopen instead of requests.get
* Try to fix flake8
* More work on flake8 import errors
* First attempt at using urllib with cookies
* Fix pylint/flake8
* Fix test_deliver_slice_csv_attachment
* Fix test_deliver_slice_csv_inline
* Import requests and pydruid conditionally, remove dependency on prison
* Fix flake errors
* Fix load_examples
* Please flake
* Skip tests depending on optional deps
* Try to please flake
* Address review comments
* Remove Druid-related UI
* Revert "Remove Druid-related UI"
This reverts commit d7e0f166cc3f3dd2496b4a666e177f0c191aeb0f.
* Skip a few tests more
* Put imports in right order
* Apply black patch
* Please flake
* Please black, silence flake
* Use flake8 silencing the right way
* Add deps for CI
* [api] [database] New, migrate to new FAB API side by side
* [database] view and api module reorganization
* [style] Fix, flake8
* [test] [database] Fix, tests for new database view structure
* [style] [database] black
* [database] Fix, missing apache license
* Migrate databaasync api to the new api
* flake8
* More efficient api call
* Revert querySearch to old API, test
* dummy commit
* revert config.py commit
* Remove unused import
* Remove old API view
* Remove new API view
* Add database filter
* Add database filter
* Add database filter
* Remove comments on js
* Fix JS test
* Fix pylint
* QuerySearch new databaseasync API endpoint
* Fix, query search new api endpoint
* Reintroduce old API for smooth side by side migration
* Better naming and use common hooks for view and API
* black it
* Fix, database mixin must come first
* Fix, lint
* Bump FAB to 2.0.0
* [tests] whitelist SecurityApi login and refresh endpoints
* [style] Fix, C812 missing trailing commas
* [security] Remove SUPERSET_UPDATE_PERMS flag
Registering sources needs to be performed after the views are
initialized on UPDATE_PERMS=False configuration
* [docs] New, FAB_UPDATE_PERMS and flask fab cli
* [docs] Fix, db upgrade needs to come first, create-admin needs a db
* [cli] New, superset init bootstraps all permissions for FAB and Superset
* [style] Fix, flakes
* move access permissions methods to security manager
* consolidate all security methods into SupersetSecurityManager
* update security method calls
* update calls from tests
* move get_or_create_main_db to utils
* raise if supersetsecuritymanager is not extended
* rename sm to security_manager