* Support and apply filters.
* Added the UI for row level security, and moved it all under SQLA in order to access the Table model more easily.
* Added a row level security filter documentation entry.
* Accidentally added two new lines to this file.
* Blacked and iSorted, hopefully. Also, sometimes g.user may not be set.
* Another isort, and handling g not having a user attribute another way.
* Let's try this again #CI tests.
* Adjusted import order for isort; I was sure I'd already done this..
* Row level filters should be wrapped in parentheses in case one contains an OR.
* Oops, did not think that would change Black's formatting.
* Changes as per @mistercrunch.
* RLS filters are now many-to-many with Roles.
* Updated documentation to reflect RLS filters supporting multiple rows.
* Let's see what happens when I set it to the previous revision ID
* Updated from upstream.
* There was a pylint error.
* Added RLS ids to the cache keys; modified documentation; added template processing to RLS filters.
* A new migration was merged in.
* Removed RLS cache key from query_object.
* RLS added to the cache_key from query_context.
* Changes as per @etr2460.
* Updating entry for RLS pull request.
* Another migration to skip.
* Changes as per @serenajiang.
* Blacked.
* Blacked and added some attributes to check for.
* Changed to a manual query as per @mistercrunch.
* Blacked.
* Another migration in the meantime.
* Black wanted some whitespace changes.
* AttributeError: 'AnonymousUserMixin' object has no attribute 'id'.
* Oops, did hasattr backwards.
* Changes as per @mistercrunch.
* Doesn't look like text us required here anymore.
* Changes as per @dpgaspar
* Two RLS tests.
* Row level security is now disabled by default via the feature flag ENABLE_ROW_LEVEL_SECURITY.
* New head to revise.
* Changed the comment.
* Add feature flags to control query sharing, KV exposure
* Add tests, fix bug
* Skip test for kv endpoints when they are disabled
* ESLint fixes
* Remove unnecessary binds
* Fix eslint errors
* Add note to UPDATING.md RE: new feature flag options
* Use expanded version of RBAC
* Enable KV_STORE and SHARE_QUERIES_VIA_KV_STORE feature flags in the test environment
* Fix black
* Wrap tagging endpoints in a feature flag (disabled by default)
* Add tests for new feature flag
* Reuse existing feature flag
* Add TAGGING_SYSTEM to feature flags defaulted to False
* Do not show stacktraces on some intentionally-thrown errors
* Fix pylint error
* Fix JavaScript looking for the wrong key in error response from connection check
* format -> f-string
* Run black because PyCharm missed it on the last save
Migrates and completely removes: '/superset/table/<database_id>/<table_name>/<schema>/'
- Guarantees database filtering based on the user permissions
- Full OpenAPI spec
- Better error handling
* fix: shut off all uneeded endpoints
We recently added a new feature to FAB allowing to whitelist the needed
endpoints in ModelView and ModelRestApi.
First, we set our base wrapper class to an empty set, forcing each
class inheriting from it to explicitely turn on the endpoints that
Superset intends to use.
Second, we go ModelView by ModelView to whitelist the actual endpoints
used in the app.
Notes:
* as a result a large set of [unneeded] permissions should be cleaned up
* outside of the "private" use of endpoints in the app, people that have
been using endpoints in their environment for other purposes may
experience loss of functionality
* Tweaking
* Reduce the amount of endpoints using white lists
* Fix, included needed endpoints for dashboard and druid
* Drying things up
* fixes
* limiting more endpoints
* Read only on some FAB model views
* fixing some tests
* fixes
* Fixing more tests
* Addressing comments
* Drying up route_methods
* further drying
Co-authored-by: Daniel Vaz Gaspar <danielvazgaspar@gmail.com>
* [dashboards] New, API for Bulk delete
* [dashboards] Tests
* [dashboards] Fix not found on multiple delete
* [dashboards] Bulk delete partial deletes on not owned dashes
* [dashboards] Improve OpenAPI spec and tests
* [dashboards] Test for bad request
* [dashboards] i18n
* [dashboards] black
* [dashboard] make bulk all or nothing
* [dashboard] Log on sqlalchemy error
* [dashboard] Log on sqlalchemy error
* [charts] New REST API
* [charts] Small improvements
* [charts] Fix, lint
* [charts] Tests and datasource validation
* [charts] Fix, lint
* [charts] DRY post schemas
* [charts] lint and improve type declarations
* [charts] DRY owned REST APIs
* [charts] Small fixes
* [charts] More tests
* [charts] Tests and DRY
* [charts] Tests for update
* [charts] More tests
* [charts] Fix, isort
* [charts] DRY and improve quality
* [charts] DRY and more tests
* [charts] Refactor base for api and schemas
* [charts] Fix bug on partial updates for dashboards
* [charts] Fix missing apache license
* black app.py after merge
* [charts] Fix, missing imports and black
* [api] Log on sqlalchemy error
* [api] isort
* Use PyArrow Table for query result serialization
* Cleanup dev comments
* Additional cleanup
* WIP: tests
* Remove explicit dtype logic from db_engine_specs
* Remove obsolete column property
* SupersetTable column types
* Port SupersetDataFrame methods to SupersetTable
* Add test for nullable boolean columns
* Support datetime values with timezone offsets
* Black formatting
* Pylint
* More linting/formatting
* Resolve issue with timezones not appearing in results
* Types
* Enable running of tests in tests/db_engine_specs
* Resolve application context errors
* Refactor and add tests for pyodbc.Row conversion
* Appease isort, regardless of isort:skip
* Re-enable RESULTS_BACKEND_USE_MSGPACK default based on benchmarks
* Dataframe typing and nits
* Renames to reduce ambiguity
* Require the SQLAlchemy URI when creating a database
* Add migration to make dbs.sqlalchemy_uri not-nullable
* Fixes for black, isort, tests
* Alter migration to use current revision from master as downgrade target
* Update tests to support new db constraint
* black
* re-enable pylint for superset/common/query_context.py
* Re-enable pylint for superset/connectors/base/views.py
* re-enable pylint for superset/connectors/connector_registry.py
* Re-enable pylint for tests/fixtures/pyodbcRow.py
* re-enable pylint for superset/cli.py
* Fix for mypy
* Improve variable naming
* A few more naming fixes