feat(chart): Enable caching per user when user impersonation is enabled

[Samira-El]

SUMMARY

In order to mitigate sensitive data leaking to less-privileged users when they load a cached dashboard/chart, this PR enables caching per user when a database has impersonation enabled.

In our setup, we delegate permissions to database (Snowflake via OAuth) and we don't want to create and maintain another layer of ACLs in Superset.

Discussion on this on slack.

This is an initial solution, happy to adjust it as per maintainers' feedback.

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

TESTING INSTRUCTIONS

Run this in a setup where caching is enabled and there is a datasource that allows user impersonation.

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags:
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

[codecov]

Codecov Report

Merging #20114 (01f0da1) into master (fa7f144) will decrease coverage by 0.15%.
The diff coverage is 60.00%.

@@            Coverage Diff             @@
##           master   #20114      +/-   ##
==========================================
- Coverage   66.70%   66.55%   -0.16%     
==========================================
  Files        1739     1724      -15     
  Lines       65136    64804     -332     
  Branches     6897     6822      -75     
==========================================
- Hits        43452    43132     -320     
- Misses      19931    19938       +7     
+ Partials     1753     1734      -19     

Flag	Coverage Δ
hive	53.71% <60.00%> (+0.01%)	⬆️
mysql	82.28% <60.00%> (+<0.01%)	⬆️
postgres	82.35% <60.00%> (+<0.01%)	⬆️
presto	53.57% <60.00%> (+0.01%)	⬆️
python	82.78% <60.00%> (+<0.01%)	⬆️
sqlite	82.13% <60.00%> (+<0.01%)	⬆️
unit	50.54% <50.00%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
superset/common/query_context_factory.py	96.42% <ø> (ø)
superset/config.py	91.41% <ø> (ø)
superset/common/query_object.py	94.38% <50.00%> (-0.88%)	⬇️
superset/db_engine_specs/base.py	88.33% <75.00%> (-0.09%)	⬇️
...t-frontend/src/dashboard/containers/SliceAdder.jsx	0.00% <0.00%> (-100.00%)	⬇️
...et-frontend/src/dashboard/actions/sliceEntities.js	16.00% <0.00%> (-37.85%)	⬇️
superset-frontend/src/explore/store.js	58.33% <0.00%> (-33.34%)	⬇️
...rset-frontend/src/components/CachedLabel/index.tsx	50.00% <0.00%> (-33.34%)	⬇️
...nd/plugins/plugin-chart-table/src/controlPanel.tsx	16.66% <0.00%> (-26.82%)	⬇️
...ilters/FiltersConfigModal/FilterTitleContainer.tsx	57.14% <0.00%> (-22.27%)	⬇️
... and 158 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update fa7f144...01f0da1. Read the comment docs.

[villebro]

Thanks for taking on this challenge @Samira-El ! I left some thoughts, let me know what you think.

[nytai]

Can we also add a config to disable this behavior? We have a use case where we would like user impersonation enabled for query tracing purposes and for access control in SQL Lab, but we would still like to keep a shared cache for charts/dashboards.

[Samira-El]

Can we also add a config to disable this behavior? We have a use case where we would like user impersonation enabled for query tracing purposes and for access control in SQL Lab, but we would still like to keep a shared cache for charts/dashboards.

Hi ntai, sure no problem! :)

[Samira-El]

Bump @villebro @nytai

[betodealmeida]

This looks great, sorry for the delay! I've had a ticket to fix this for a few months now, and I just started a PR yesterday. Glad to see this implementation!

I left a suggestion on how to pass the user object without having to query the DB, I think it makes the feature more useful in the future. Other than that, this looks great!

[Samira-El]

Anything else required to merge this @villebro @nytai @betodealmeida ?

[betodealmeida]

Taking a look, sorry for the delay!

[betodealmeida]

Looks great! I'll merge once the tests finish.