* fix: shut off all uneeded endpoints
We recently added a new feature to FAB allowing to whitelist the needed
endpoints in ModelView and ModelRestApi.
First, we set our base wrapper class to an empty set, forcing each
class inheriting from it to explicitely turn on the endpoints that
Superset intends to use.
Second, we go ModelView by ModelView to whitelist the actual endpoints
used in the app.
Notes:
* as a result a large set of [unneeded] permissions should be cleaned up
* outside of the "private" use of endpoints in the app, people that have
been using endpoints in their environment for other purposes may
experience loss of functionality
* Tweaking
* Reduce the amount of endpoints using white lists
* Fix, included needed endpoints for dashboard and druid
* Drying things up
* fixes
* limiting more endpoints
* Read only on some FAB model views
* fixing some tests
* fixes
* Fixing more tests
* Addressing comments
* Drying up route_methods
* further drying
Co-authored-by: Daniel Vaz Gaspar <danielvazgaspar@gmail.com>
* Add support for msgpack results_backend serialization
* Serialize DataFrame with PyArrow rather than JSON
* Adjust dependencies, de-lint
* Add tests for (de)serialization methods
* Add MessagePack config info to Installation docs
* Enable msgpack/arrow serialization by default
* [Fix] Prevent msgpack serialization on synchronous queries
* Add type annotations
* [database] Fix, Removes the limit for the page size, Bump FAB to 2.1.8
Old FAB API had no limits by default, this will keep this behaviour
but only for this endpoint
* [sqllab] Add test for database API
* [sqllab] Add test for database API
* [sqllab] Include page zero on request
* [sqllab] Fix, Black and requirements
* [sqllab] Make database API return unlimited results
* [sqllab] just a test
* [sqllab] Bump FAB to 2.1.9
* [sqllab] Remove unused import
* 7620: Start removing dependencies on requests
* Patch urllib.request.urlopen instead of requests.get
* Try to fix flake8
* More work on flake8 import errors
* First attempt at using urllib with cookies
* Fix pylint/flake8
* Fix test_deliver_slice_csv_attachment
* Fix test_deliver_slice_csv_inline
* Import requests and pydruid conditionally, remove dependency on prison
* Fix flake errors
* Fix load_examples
* Please flake
* Skip tests depending on optional deps
* Try to please flake
* Address review comments
* Remove Druid-related UI
* Revert "Remove Druid-related UI"
This reverts commit d7e0f166cc3f3dd2496b4a666e177f0c191aeb0f.
* Skip a few tests more
* Put imports in right order
* Apply black patch
* Please flake
* Please black, silence flake
* Use flake8 silencing the right way
* Add deps for CI
* Bump requirements.txt
* Cap gunicorn to <19.9.0 due to X-Forwarded-Proto regression
* Remove python-dotenv from requirements-dev.txt
* Cap sqlparse due to regression in 0.3.0
* Bump FAB to 2.0.0
* [tests] whitelist SecurityApi login and refresh endpoints
* [style] Fix, C812 missing trailing commas
* [security] Remove SUPERSET_UPDATE_PERMS flag
Registering sources needs to be performed after the views are
initialized on UPDATE_PERMS=False configuration
* [docs] New, FAB_UPDATE_PERMS and flask fab cli
* [docs] Fix, db upgrade needs to come first, create-admin needs a db
* [cli] New, superset init bootstraps all permissions for FAB and Superset
* [style] Fix, flakes
Package maintainers should really never delete packages, but it appears
this happened with croniter and resulted in breaking our builds.
This PR bumps to a more recent existing version of the library
* Bump sqla to >=1.3.1
* Refine mssql column types to only use N-prefixing when necessary
* make join explicit
* replace set with list
* Add additional test case for N-prefix
* Replace engine with dialect and fix linting error
* Remove unneeded import
* Bump FAB to 1.12.5
* [requirements] New dependency pyJWT added on FAB 1.12.4 for OAuth redirect
* [requirements] Fix, pip-tools bump to 3.5.0 related to #714
* Making thrift, pyhive and tableschema as extra_requires
Looking at the dependency tree for license related questions, I noticed
that tableschema had a huge tree, and only people running Hive really
need it. Making this as well as pyhive and thrift optional.
Also bumping some python dependencies
* Run pip-compile
* Removing refs to past.builtins (from future lib)
* Add thrift
Daniel Vaz Gaspar
Erik Ritter
ʈᵃᵢ
Ville Brofeldt
John Bodley
Rob DiCiuccio
Maxime Beauchemin
Rob DiCiuccio
Paul Vickers
serenajiang
Dave Smith
Gianluca Ciccarelli
Beto Dealmeida
ziheng
Mahendra M