* feat(dashboard): embedded dashboard UI configuration (#17175) (#17450)
* setup embedded provider
* update ui configuration
* fix test
* feat: Guest token (for embedded dashboard auth) (#17517)
* generate an embed token
* improve existing tests
* add some auth setup, and rename token
* fix the stuff for compatibility with external request loaders
* docs, standard jwt claims, tweaks
* black
* lint
* tests, and safer token decoding
* linting
* type annotation
* prettier
* add feature flag
* quiet pylint
* apparently typing is a problem again
* Make guest role name configurable
* fake being a non-anonymous user
* just one log entry
* customizable algo
* lint
* lint again
* 403 works now!
* get guest token from header instead of cookie
* Revert "403 works now!"
This reverts commit df2f49a6d4.
* fix tests
* Revert "Revert "403 works now!""
This reverts commit 883dff38f1.
* rename method
* correct import
* feat: entry for embedded dashboard (#17529)
* create entry for embedded dashboard in webpack
* add cookies
* lint
* token message handshake
* guestTokenHeaderName
* use setupClient instead of calling configure
* rename the webpack chunk
* simplified handshake
* embedded entrypoint: render a proper app
* make the embedded page accept anonymous connections
* format
* lint
* fix test
# Conflicts:
# superset-frontend/src/embedded/index.tsx
# superset/views/core.py
* lint
* Update superset-frontend/src/embedded/index.tsx
Co-authored-by: David Aaron Suddjian <1858430+suddjian@users.noreply.github.com>
* comment out origins checks
* move embedded for core to dashboard
* pylint
* isort
Co-authored-by: David Aaron Suddjian <aasuddjian@gmail.com>
Co-authored-by: David Aaron Suddjian <1858430+suddjian@users.noreply.github.com>
* feat: Authorizing guest access to embedded dashboards (#17757)
* helper methods and dashboard access
* guest token dashboard authz
* adjust csrf exempt list
* eums don't work that way
* Remove unnecessary import
* move row level security tests to their own file
* a bit of refactoring
* add guest token security tests
* refactor tests
* clean imports
* variable names can be too long apparently
* missing argument to get_user_roles
* don't redefine builtins
* remove unused imports
* fix test import
* default to global user when getting roles
* missing import
* mock it
* test get_user_roles
* infer g.user for ease of tests
* remove redundant check
* tests for guest user security manager fns
* use algo to get rid of warning messages
* tweaking access checks
* fix guest token security tests
* missing imports
* more tests
* more testing and also some small refactoring
* move validation out of parsing
* fix dashboard access check again
* add more test
Co-authored-by: Lily Kuang <lily@preset.io>
* feat: Row Level Security rules for guest tokens (#17836)
* helper methods and dashboard access
* guest token dashboard authz
* adjust csrf exempt list
* eums don't work that way
* Remove unnecessary import
* move row level security tests to their own file
* a bit of refactoring
* add guest token security tests
* refactor tests
* clean imports
* variable names can be too long apparently
* missing argument to get_user_roles
* don't redefine builtins
* remove unused imports
* fix test import
* default to global user when getting roles
* missing import
* mock it
* test get_user_roles
* infer g.user for ease of tests
* remove redundant check
* tests for guest user security manager fns
* use algo to get rid of warning messages
* tweaking access checks
* fix guest token security tests
* missing imports
* more tests
* more testing and also some small refactoring
* move validation out of parsing
* fix dashboard access check again
* rls rules for guest tokens
* test guest token rls rules
* more flexible rls rules
* lint
* fix tests
* fix test
* defaults
* fix some tests
* fix some tests
* lint
Co-authored-by: Lily Kuang <lily@preset.io>
* SupersetClient guest token test
* Apply suggestions from code review
Co-authored-by: Lily Kuang <lily@preset.io>
Co-authored-by: Lily Kuang <lily@preset.io>
* chore(generator-superset): migrate to monorepo
* add todo and remove webpack reference from template
* fix linting errors
* remove redundant test file
* add modal layout with description, rework styles
* thirty percent
* test correctly
* avoid any changes in modal height
* typescriptify
* feat(viz): add categories to the viz picker (#15304)
* feat(viz): add categories to the viz picker
* fix test types
* add a catch-all category
* tweak layout
* upgrade superset-ui to get new metadata
* do i look like i know what a jpeg is
* fix tests
* lint
* remove script count test requirement
* fix e2e test
* feat(explore): Viz picker search improvements (#15399)
* upgrade superset-ui, install fuse.js
* add metadata to plugin context
* get search working
* layout improvements
* fix tests
* Update superset-frontend/src/explore/components/controls/VizTypeControl/index.tsx
Co-authored-by: Michael S. Molina <70410625+michael-s-molina@users.noreply.github.com>
* use typography size instead of grid unit
* comments
Co-authored-by: Michael S. Molina <70410625+michael-s-molina@users.noreply.github.com>
* feat(explore): Examples image gallery in the viz type control (#15489)
* feat(explore): add section for example images in viz type control
* fix jpg webpack config
* formatting
* feat(Explore): Viz gallery component tweaks (#15520)
* separate viz gallery from the modal
* use gallery directly in add slice view
* more formatting on the add slice container
* restyle the thumbnail list
* explicit thumbnail width and height
* remove crappy hack
* remove useless line
* comment
* sort categories
* comments
* tweak search behavior
* fix tests
* open gallery to the currently selected viz type
* null safety
* show all plugins when searching empty string
* get the new metadatas
* adjust categories scrolling behavior
* add time series table metadata
* upgrade superset-ui
* attempt fixing tests
* upgrade descriptions
* fix unit test
* attempt fixing e2e again
* max width for viz gallery
* update package lock
* undo unnecessary webpack changes
* don't show search results until something is entered
* force modal to open to selected viz type
* tweaks to search behavior
* gallery layout tweaks
* enshrine pivot table v2 in a place of honor
* feat(viz): Clear viz gallery when navigating between categories (#15577)
* start viz gallery with null selection, clear when switching categories
* fix AddSliceContainer tests
* show a message when there is no viz type selected
* composition > inheritance
* clarify searching code
* comment
Co-authored-by: Michael S. Molina <70410625+michael-s-molina@users.noreply.github.com>
* chore(dashboard): Integrate dashboard app into the SPA bundle
* fix url params
* change variable name
* change title correctly
* custom css
* lint
* remove unused file
* remove content assertions from dashboard tests
* fix case with missing bootstrap data
* fix: respect crud views flag
* crud views -> spa
* remove unused dashboard templates
* fix: remove unused variable
* fix: missed a spot with the crudViews -> spa
* router link to dashboard from dashboard list page
* link using the router when in card mode
* lint
* fix tests, add memory router
* remove dashboard app files
* split up the bundle a little more
* use webpack preload
* add custom error pages for 404 and 500 responses
* refactor error page styles into separate template
* move error pages to superset-frontend
* fix whitespace on error pages
* refactor error pages to be generated by jinja
* generate static error pages with webpack
Override manifest.json only when `npm run dev`, not `npm run
dev-server`. This allows developers to compare between the
current version of Superset with what they are working on
without switching back and forth between branches.
All they need to do is to first start the current version with
production build:
```
npm run build
superset run -p 8088
```
Then start the dev server in another window:
```
npm run dev-server
```