* [scheduled reports] Add support for scheduled reports
* Scheduled email reports for slice and dashboard visualization
(attachment or inline)
* Scheduled email reports for slice data (CSV attachment on inline table)
* Each schedule has a list of recipients (all of them can receive a single mail,
or separate mails)
* All outgoing mails can have a mandatory bcc - for audit purposes.
* Each dashboard/slice can have multiple schedules.
In addition, this PR also makes a few minor improvements to the celery
infrastructure.
* Create a common celery app
* Added more celery annotations for the tasks
* Introduced celery beat
* Update docs about concurrency / pools
* [scheduled reports] - Debug mode for scheduled emails
* [scheduled reports] - Ability to send test mails
* [scheduled reports] - Test email functionality - minor improvements
* [scheduled reports] - Rebase with master. Minor fixes
* [scheduled reports] - Add warning messages
* [scheduled reports] - flake8
* [scheduled reports] - fix rebase
* [scheduled reports] - fix rebase
* [scheduled reports] - fix flake8
* [scheduled reports] Rebase in prep for merge
* Fixed alembic tree after rebase
* Updated requirements to latest version of packages (and tested)
* Removed py2 stuff
* [scheduled reports] - fix flake8
* [scheduled reports] - address review comments
* [scheduled reports] - rebase with master
* [build] fix pip install issues on OSX High Sierra
I think requirements.txt was out-of-sync as well.
Also had to:
export
LDFLAGS="-L/usr/local/opt/openssl/lib"
export
CPPFLAGS="-I/usr/local/opt/openssl/include"
export
PKG_CONFIG_PATH="/usr/local/opt/openssl/lib/pkgconfig"
* Fix click
* Deprecate support for Python < 3.6
This is a first step, beyond this we can:
* remove all from future imports
* remove 'six' lib as a dependency
* start using f-strings
* enjoy ourselves
* fix tox
* Rebasing
* fix
* Migrate flask_script to the Flask built-in click.
Flask 0.11 is the built-in integration of the click command line interface.
Flask-Migrate support for the new Flask CLI based on Click after Release 2.0.0.
* Resolved merge conflicts.
* Fixed issue introduced from bad merge.
* Fixed flake8 errors, added build to excluded flake8 stuff.
* * Moved the FlaskGroup declaration to the driver script.
* Moved shell context definition to cli.py
* Switched shell context definition to use decorator.
* Moved create_app definition to cli.py
* Fixed InvocationError with a wrapped function
* Added extra newlines between functions
* Removed flask-script dependency.
Moving to using Twine to upload to pypi and fixing up the markdown
support so that the page on Pypi looks like the README on Github.
This has been tested on the 0.26 branch starting 0.26.3
When receiving a VARBINARY field out of Presto, it shows up as type
`bytes` out of the pyhive driver. Then the pre 3.15 version of
simplejson attempts to convert it to utf8 by default and it craps out.
I bumped to simplejson>=3.25.0 and set `encoding=None` as documented
here
https://simplejson.readthedocs.io/en/latest/#basic-usage so that we can
handle bytes on our own.
* Bump celery to 4.1.1
Docs reference `celery worker --app=superset.sql_lab:celery_app
--pool=gevent -Ofair` command which seems only to work with Celery 4.1.1
* Add UPDATING.md message
It appears the officially maintained fork of flask-cache is
flask-caching https://github.com/sh4nks/flask-caching . It is fully
compatible with flask-cache.
* Fix 'pip install .'
Fix error :
> flask-appbuilder 1.10.0 has requirement Flask-SQLAlchemy==2.1,
> but you'll have flask-sqlalchemy 2.3.2 which is incompatible.
> botocore 1.10.5 has requirement python-dateutil<2.7.0,>=2.1, but you'll
> have python-dateutil 2.7.2 which is incompatible.
* remove flask-sqlalchemy==2.1 from reqs.txt
* Switched yaml.load to yaml.safe_load to prevent code execution via crafted yaml files
Python's yaml.laod can lead to code execution via crafted yaml files such as:
```
code_exec: !!python/object/apply:subprocess.check_output ['ls']
```
* Fixed XSS via bleach
It was possible to get an XSS via the markdown library via simply setting a description containing arbitary HTML tags.
It was also possible to create links that went to the `javascript:` link handler (eg `[example](javascript:alert(0)`)
Using bleach to sanitize it solves both of these.
* Added XFO header by default to prevent clickjacking attacks
Note that with this application clickjacking can be relatively severe via the SQLLab functionality
which allows executing arbitary SQL.
* Added justification for dangerouslySetInnerHTML
* Fixed linting errors
* Fixed linting errors
Beto Dealmeida
Mahendra M
Maxime Beauchemin
timifasubaa
Joshua Carp
Mạnh Tài
Victor Noël
gbates101
Ville Brofeldt
Riccardo Magliocchetti
Jeffrey Wang
Louis-Etienne
John Bodley
John Bodley
David Dworken