Commit Graph

53 Commits

Author SHA1 Message Date
Ville Brofeldt 3ae80d3b98
test: add rls jinja extra cache key test (#10810) 2020-09-08 07:42:48 +03:00
Maxime Beauchemin 3d8857ecc8
style: rename 'Source' top nav item to 'Data' (#10715)
* style: rename 'Source' top nav item to 'Data'

* Fix tests

* tables -> datasets

* rename datasource -> dataset

* lint

* more renaming

* use npm ci
2020-08-29 18:09:47 -07:00
Daniel Vaz Gaspar 3e374dab07
fix: change public role like gamma procedure (#10674)
* fix: change public role like gamma procedure

* lint and updating UPDATING with breaking change

* fix updating text

* add test and support PUBLIC_ROLE_LIKE_GAMMA

* fix, cleanup tests

* fix, new test

* fix, public default

* Update superset/config.py

Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>

* add simple public welcome page

Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>
2020-08-28 10:49:10 +01:00
Erik Ritter fd2d1c58c5
Revert "chore: Cleanup database sessions (#10427)" (#10537)
This reverts commit 7645fc85c3.
2020-08-06 15:33:48 -07:00
John Bodley 7645fc85c3
chore: Cleanup database sessions (#10427)
Co-authored-by: John Bodley <john.bodley@airbnb.com>
2020-07-30 23:07:56 -07:00
Daniel Vaz Gaspar 562012c586
fix(permissions): alpha role has all full features (#10241)
* fix(permissions): alpha role is inconsistent

* reverse and allow Alpha to access manager menu

* Bump FAB to 3.0.1rc1 to include del permission fix

* add docs, tests and UPDATING

* EOL

* Fix query view for Alpha
2020-07-27 10:32:30 +01:00
Ville Brofeldt ac85aebe4a
chore: prefer allow/deny terminology (#10320)
* chore: prefer allow/deny terminology

* fix tests

* add PR reference
2020-07-15 19:22:46 +03:00
Bogdan 77b36783e7
s/assertEqual/assertEquals (#10195)
Co-authored-by: bogdan kyryliuk <bogdankyryliuk@dropbox.com>
2020-06-29 16:38:06 -07:00
Bogdan 4e340c8368
feat: Switch from nosetest to pytest (#10177)
* Switch from nosetest to pytest

Fix schedule tests

Collect pytest coverage

Move pytest config into pytest.ini

Move cov to the pytest.ini

* Append coverage for the 2nd run

* Add coverage to all commands

* Coverage only for tests

* Get coverage from 1 place

* Rename classes to be pytest compatible

* Test coverage for examples and tests

* Max diff to -1

* Explain how to run pytest for the whole project

* Do not append code coverage for the main run

* Do not run coverage on examples

Co-authored-by: bogdan kyryliuk <bogdankyryliuk@dropbox.com>
2020-06-29 15:36:06 -07:00
John Bodley 37777f382f
fix(security): dbs/clusters perm (#10130)
Co-authored-by: John Bodley <john.bodley@airbnb.com>
2020-06-24 10:06:25 -07:00
John Bodley aefef9ca55
chore(security): Updating assert logic (#10034)
* chore(security): Updating assert logic

* Deprecating rejected_tables

Co-authored-by: John Bodley <john.bodley@airbnb.com>
2020-06-23 20:49:39 -07:00
Aliaksei Kushniarevich 550e78ff7c
feat: Add multiple table filters for Row Level Security (#9751)
* Add multiple table filters for Row Level Security

* Set ENABLE_ROW_LEVEL_SECURITY back to False (default)

* Merge DB migrations

* Drop table_id column and foreign key on PostgreSQL, MySQL, SQLite

* Support db records migration also

* Support downgrading from the new-fashioned formatted records

* Straighten up migrations

* Update migration's down_revision to comply master branch
2020-06-22 12:51:08 +03:00
John Bodley 9532bff48f
chore(security): Renaming access methods (#10031)
Co-authored-by: John Bodley <john.bodley@airbnb.com>
2020-06-11 13:12:23 -07:00
John Bodley 54c6ddbdb7
chore(security): Renaming schemas_accessible_by_user (#10030)
Co-authored-by: John Bodley <john.bodley@airbnb.com>
2020-06-11 11:29:43 -07:00
Aliaksei Kushniarevich ef5e11f45b
[copy] fix: Row Level Security get_rls_filters func SELECT statement (#9541)
* fix: Row Level Security get_rls_filters func SELECT statement

* More general RowLevelSecurityTests case to avoid improper ids matching
2020-04-15 16:41:54 +03:00
altef dee16de03e
[SIP-29] Add support for row-level security (#8699)
* Support and apply filters.

* Added the UI for row level security, and moved it all under SQLA in order to access the Table model more easily.

* Added a row level security filter documentation entry.

* Accidentally added two new lines to this file.

* Blacked and iSorted, hopefully.  Also, sometimes g.user may not be set.

* Another isort, and handling g not having a user attribute another way.

* Let's try this again #CI tests.

* Adjusted import order for isort; I was sure I'd already done this..

* Row level filters should be wrapped in parentheses in case one contains an OR.

* Oops, did not think that would change Black's formatting.

* Changes as per @mistercrunch.

* RLS filters are now many-to-many with Roles.

* Updated documentation to reflect RLS filters supporting multiple rows.

* Let's see what happens when I set it to the previous revision ID

* Updated from upstream.

* There was a pylint error.

* Added RLS ids to the cache keys; modified documentation; added template processing to RLS filters.

* A new migration was merged in.

* Removed RLS cache key from query_object.

* RLS added to the cache_key from query_context.

* Changes as per @etr2460.

* Updating entry for RLS pull request.

* Another migration to skip.

* Changes as per @serenajiang.

* Blacked.

* Blacked and added some attributes to check for.

* Changed to a manual query as per @mistercrunch.

* Blacked.

* Another migration in the meantime.

* Black wanted some whitespace changes.

* AttributeError: 'AnonymousUserMixin' object has no attribute 'id'.

* Oops, did hasattr backwards.

* Changes as per @mistercrunch.

* Doesn't look like text is required here anymore.

* Changes as per @dpgaspar

* Two RLS tests.

* Row level security is now disabled by default via the feature flag ENABLE_ROW_LEVEL_SECURITY.

* New head to revise.

* Changed the comment.
2020-02-22 11:21:31 +02:00
John Bodley 8a138fbd03
[tox] Allowing running of specific tests (#9097) 2020-02-06 16:45:37 -08:00
ʈᵃᵢ e5f5eed425
[chart] new, list view (react) (#8999)
* [charts] new, list view (react)

* DRY up template rendering

* fix i18n

* lint package.json
2020-02-05 12:42:42 -08:00
Daniel Vaz Gaspar 1f21bf877f
[log] fix, log model view permissions (#8993)
Limit MVC access to admin role only and limit REST API permissions
2020-01-26 12:15:57 +00:00
Maxime Beauchemin 315a11dfe2
fix: shut off unneeded endpoints (#8960)
* fix: shut off all unneeded endpoints

We recently added a new feature to FAB allowing to whitelist the needed
endpoints in ModelView and ModelRestApi.

First, we set our base wrapper class to an empty set, forcing each
class inheriting from it to explicitly turn on the endpoints that
Superset intends to use.

Second, we go ModelView by ModelView to whitelist the actual endpoints
used in the app.

Notes:
* as a result a large set of [unneeded] permissions should be cleaned up
* outside of the "private" use of endpoints in the app, people that have
  been using endpoints in their environment for other purposes may
  experience loss of functionality

* Tweaking

* Reduce the amount of endpoints using white lists

* Fix, included needed endpoints for dashboard and druid

* Drying things up

* fixes

* limiting more endpoints

* Read only on some FAB model views

* fixing some tests

* fixes

* Fixing more tests

* Addressing comments

* Drying up route_methods

* further drying

Co-authored-by: Daniel Vaz Gaspar <danielvazgaspar@gmail.com>
2020-01-23 11:25:15 -05:00
ʈᵃᵢ 7b97764dbc [dashboard] New, list view (react) (#8845)
* adds dashboard listview component

* use new api

* use json over rison

* lint

* adds separate dashboard list view

* edit and delete actions

* fix lint ignore

* fix common_bootstrap_payload is now a function

* fix license

* fix pylint

* isort

* fix tests

* lint

* lint ts

* fix js tests

* fix double import from bad rebase

* fix indent error

* lookup permissions

* generic permission lookup

* get tslint to pass

* adds js specs

* lint

* fix rebase

* lint

* lint again

* fix type errors preventing build

* adds more specs

* fix tslint error

* fix null check

* remove unnecessary code

* use translations provided by api

* more translations

* linting

* fix spec

* i18n

* fix register order
2020-01-16 00:48:55 -05:00
serenajiang 1f6f4ed879 [db migration] change datasources-clusters foreign key to cluster_id (#8576)
* [db migration] change datasources foreign key to cluster_id

* address pr comments

* address pr comment, fix ci
2020-01-13 11:02:36 -08:00
David Aaron Suddjian 016f202423 Refactor Dashboard and Slice models (#8820)
* refactor dashboard and slice models

* appease various linters

* remove shortcuts & import indirection

* appease mypy

* fix bad imports

* lint

* address various issues

* ignore type issue

* remove unused imports

* lint
2019-12-18 11:40:45 -08:00
Will Barrett ed54f6ec8d Require the SQLAlchemy URI on the database model (#8720)
* Require the SQLAlchemy URI when creating a database

* Add migration to make dbs.sqlalchemy_uri not-nullable

* Fixes for black, isort, tests

* Alter migration to use current revision from master as downgrade target

* Update tests to support new db constraint

* black
2019-12-11 14:05:23 -08:00
Bogdan e6be51953c Avoid circular dependency between superset config and superset package (#8254)
Resolve comments

Avoid circular dependency between superset config and superset package

Resolve comments
2019-12-10 09:17:34 +00:00
Bogdan 003e98c231 Support schema permissions (#8219)
* Build support for schema access in Superset and SQLab

* Lint
* Test for old and new flask
* Black formatting
* Cleanup modified files
* Support schema permissions
* Add migration
* Make it work for slices as well
* TODO and remove unused field
* Apply schema access check to dashboards as well

Cleaner schema permissions check

Fetch schema permissions in 1 query

Bugfix

Better datasource check

Use security manager for permissions checks and remove dead code

Properly handle anon user

Add database permissions on the database updates

Fix schema filtering

Lint / flake changes

Increase cypress request timeout

Run black

Resolve multiple alembic heads

* Use set comprehensions

* Fixes for the pylint
2019-12-03 14:57:24 -08:00
Will Barrett 16c0599470 Disable deprecated druid connector by default (#8512)
* Disable deprecated druid connector by default

* Add a line in UPDATING.md for the configuration change

* Remove security tests related default-disabled feature

* More test updates

* black
2019-11-27 11:28:23 -08:00
Craig Rueda e490414484 Flask App factory PR #1 (#8418)
* First cut at app factory

* Setting things back to master

* Working with new FLASK_APP

* Still need to refactor Celery

* CLI mostly working

* Working on unit tests

* Moving cli stuff around a bit

* Removing get in config

* Defaulting test config

* Adding flask-testing

* flask-testing casing

* resultsbackend property bug

* Fixing up cli

* Quick fix for KV api

* Working on save slice

* Fixed core_tests

* Fixed utils_tests

* Most tests working - still need to dig into remaining app_context issue in tests

* All tests passing locally - need to update code comments

* Fixing dashboard tests again

* Blacking

* Sorting imports

* linting

* removing envvar mangling

* blacking

* Fixing unit tests

* isorting

* licensing

* fixing mysql tests

* fixing cypress?

* fixing .flaskenv

* fixing test app_ctx

* fixing cypress

* moving manifest processor around

* moving results backend manager around

* Cleaning up __init__ a bit more

* Addressing PR comments

* Addressing PR comments

* Blacking

* Fixes for running celery worker

* Tuning isort

* Blacking
2019-11-20 15:47:06 +00:00
Will Barrett e4ca44e95f Use `config[]` not `config.get()` (#8454)
* Typo fix in CONTRIBUTING.md

* Alter references to config.get('FOO') to use preferred config['FOO']

* Set missing configuration constants in superset/config.py

* Misc. CI fixes

* Add type annotation for FEATURE_FLAGS
2019-10-30 16:19:16 -07:00
John Bodley 9fc37ea9f1 [ci] Deprecate flake8 (#8409)
* [ci] Deprecate flake8

* Addressing @villebro's comments
2019-10-18 14:44:27 -07:00
John Bodley 05b67673c3
[metric] Adding security for restricted metrics (#8175) 2019-10-01 16:52:15 -07:00
John Bodley f7af50c399
[security] Adding docstrings and type hints (#7952) 2019-08-05 11:24:13 -07:00
Gianluca Ciccarelli e23920b8ba 7620: Start removing dependencies on requests (#7643)
* 7620: Start removing dependencies on requests

* Patch urllib.request.urlopen instead of requests.get

* Try to fix flake8

* More work on flake8 import errors

* First attempt at using urllib with cookies

* Fix pylint/flake8

* Fix test_deliver_slice_csv_attachment

* Fix test_deliver_slice_csv_inline

* Import requests and pydruid conditionally, remove dependency on prison

* Fix flake errors

* Fix load_examples

* Please flake

* Skip tests depending on optional deps

* Try to please flake

* Address review comments

* Remove Druid-related UI

* Revert "Remove Druid-related UI"

This reverts commit d7e0f166cc3f3dd2496b4a666e177f0c191aeb0f.

* Skip a few tests more

* Put imports in right order

* Apply black patch

* Please flake

* Please black, silence flake

* Use flake8 silencing the right way

* Add deps for CI
2019-08-02 10:01:28 -07:00
Daniel Vaz Gaspar b65ab51b63 [api] [database] New, migrate to new FAB API side by side (#7665)
* [api] [database] New, migrate to new FAB API side by side

* [database] view and api module reorganization

* [style] Fix, flake8

* [test] [database] Fix, tests for new database view structure

* [style] [database] black

* [database] Fix, missing apache license

* Migrate databaseasync api to the new api

* flake8

* More efficient api call

* Revert querySearch to old API, test

* dummy commit

* revert config.py commit

* Remove unused import

* Remove old API view

* Remove new API view

* Add database filter

* Add database filter

* Add database filter

* Remove comments on js

* Fix JS test

* Fix pylint

* QuerySearch new databaseasync API endpoint

* Fix, query search new api endpoint

* Reintroduce old API for smooth side by side migration

* Better naming and use common hooks for view and API

* black it

* Fix, database mixin must come first

* Fix, lint
2019-07-22 21:25:16 -07:00
John Bodley 5c58fd1802
[format] Using Black (#7769) 2019-06-25 13:34:48 -07:00
Daniel Vaz Gaspar 06c4610e8e Bump FAB to 2.0.0 (#7323)
* Bump FAB to 2.0.0

* [tests] whitelist SecurityApi login and refresh endpoints

* [style] Fix, C812 missing trailing commas

* [security] Remove SUPERSET_UPDATE_PERMS flag

Registering sources needs to be performed after the views are
initialized on UPDATE_PERMS=False configuration

* [docs] New, FAB_UPDATE_PERMS and flask fab cli

* [docs] Fix, db upgrade needs to come first, create-admin needs a db

* [cli] New, superset init bootstraps all permissions for FAB and Superset

* [style] Fix, flakes
2019-04-30 09:01:18 -07:00
Maxime Beauchemin 36a219da7f
Allow Gamma and Alpha to access '/users/userinfo/' (#6936)
* Allow Gamma and Alpha to access '/users/userinfo/'

closes https://github.com/apache/incubator-superset/issues/4919

* Fix unit test

* Fix test
2019-04-22 11:23:54 -07:00
Maxime Beauchemin 9dfa80d5c8
Add all database access permission to 'Alpha' role (#7271)
* Add all database access permission to 'Alpha' role

* Grant all database access to Alpha
2019-04-15 09:22:54 -07:00
Maxime Beauchemin 1dd4d7a587
Apply ASF licenses throughout the code base (#5800)
* Add license headers

* rebased

* lint

* Removing licenses from vendors folder
2019-01-15 15:53:27 -08:00
Maxime Beauchemin 3f29a1dd70
Secure unsecured views and prevent regressions (#6553)
* Secure views and prevent regressions

* Force POST on shortener

* Fix tests
2018-12-18 11:57:13 -08:00
timifasubaa 46c86672c8 remove utf8 declaration (#6096) 2018-10-15 11:53:24 -07:00
timifasubaa 5c5be825d9
remove future imports (#6050) 2018-10-11 09:46:25 -07:00
Maxime Beauchemin 68ba63fcd9
Implement a React-based table editor (#5186)
* A React table editor

* addressing comments

* Fix SelectAsyncControl error on clear

* fix tests

* more corrections

* Removed <strong>
2018-08-06 15:30:13 -07:00
John Bodley 7f1d7543d0
[logs] Dropping dt column (#4587) 2018-04-10 18:34:32 -07:00
timifasubaa 8dd052de4b [security] Refactor security code into SupersetSecurityManager (#4565)
* move access permissions methods to security manager

* consolidate all security methods into SupersetSecurityManager

* update security method calls

* update calls from tests

* move get_or_create_main_db to utils

* raise if supersetsecuritymanager is not extended

* rename sm to security_manager
2018-03-27 16:46:02 -07:00
John Bodley d57a37e341 [flake8] Adding flake8-coding (#4477) 2018-02-25 15:06:11 -08:00
John Bodley e112e4417c [flake8] Adding future-import check (#4476) 2018-02-23 16:42:09 -08:00
timifasubaa fa0aa33767 Disable user access request (#4405)
* add feature flag to config

* wrap check around a feature flag

* add flag to the model view

* remove access request from security tests
2018-02-14 14:49:22 -08:00
John Bodley 3a2974f589 [API] Deprecate /update_role/ API endpoint (#4041) 2017-12-10 21:14:15 -08:00
John Bodley e822fb50d8 [flake8] Resolving W??? errors (#3784) 2017-11-07 20:25:10 -08:00