fix: revert "fix(embedded): adding logic to check dataset used by filters (#24808)

[john-bodley]

SUMMARY

This PR reverts #24808. Regrettably @Vitor-Avila after further review I believe the logic outlined in your fix (per the integration test you added) exposes a security vulnerability, i.e., per this check in your test,

security_manager.raise_for_access(datasource=test_dataset)

will mean said user will have access to the test_dataset datasource irrespective of the context. Thus by granting dashboard access to to a guest user you would be in fact (possibly unknowingly) granting full access to all datasources which are referenced within the native dashboard filters.

I think the right—context aware—solution is to change the raise_for_access caller to include the dashboard context. Note in #24804 I've refactored the dashboard security logic by folding raise_for_dashboard_access into raise_for_access so the later is (or can be dashboard aware).

The TL;DR is your change flexes to accommodate the need for the dashboard filters to function but is over generous in terms of the context in which the permissions are allowed.

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

TESTING INSTRUCTIONS

CI.

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags:
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

[codecov]

Codecov Report

Merging #24892 (9f7e40f) into master (554ef07) will decrease coverage by 0.01%.
Report is 1 commits behind head on master.
The diff coverage is 100.00%.

❗ Current head 9f7e40f differs from pull request most recent head 2d00c63. Consider uploading reports for the commit 2d00c63 to get more accurate results

@@            Coverage Diff             @@
##           master   #24892      +/-   ##
==========================================
- Coverage   69.00%   69.00%   -0.01%     
==========================================
  Files        1906     1906              
  Lines       74142    74130      -12     
  Branches     8208     8208              
==========================================
- Hits        51160    51150      -10     
+ Misses      20859    20857       -2     
  Partials     2123     2123              

Flag	Coverage Δ
hive	54.15% <0.00%> (+0.01%)	⬆️
mysql	79.21% <100.00%> (-0.01%)	⬇️
postgres	79.31% <100.00%> (-0.01%)	⬇️
presto	54.05% <0.00%> (+0.01%)	⬆️
python	83.37% <100.00%> (+<0.01%)	⬆️
sqlite	77.89% <100.00%> (-0.01%)	⬇️
unit	55.01% <0.00%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Changed	Coverage Δ
superset/security/manager.py	93.94% <100.00%> (+0.18%)	⬆️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more