Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make sure anonymous user with proper permissions can access data #415

Merged
merged 4 commits into from
May 4, 2016
Merged

Make sure anonymous user with proper permissions can access data #415

merged 4 commits into from
May 4, 2016

Conversation

asydorchuk
Copy link
Contributor

@asydorchuk asydorchuk commented Apr 29, 2016

The current implementation will throw exception when listing or accessing dashboards for the anonymous user that belongs to Public role and has proper permissions, because id and roles properties are not defined for flask AnonymousUserMixin.

@landscape-bot
Copy link

Code Health
Code quality remained the same when pulling 33f04dd on asydorchuk:master into 77e4d4b on airbnb:master.

@coveralls
Copy link

coveralls commented Apr 29, 2016

Coverage Status

Coverage increased (+0.4%) to 81.353% when pulling 33f04ddcbfffdd9f8358e65c3ae75f42280963bd on asydorchuk:master into 77e4d4b on airbnb:master.

@@ -32,10 +32,16 @@
log_this = models.Log.log_this


def get_roles():
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

get_user_roles

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

@mistercrunch
Copy link
Member

This is great overall! I like the idea but I'm more concerned about testing public not having access to slices and dashboards. Maybe the tests should give access to only one dataset and confirm that only that dataset is accessible.

We may want to add a configuration flag PUBLIC_ROLE_LIKE_GAMMA (False by default) which would give the same access level to public as gamma does (adding missing the permissions only, not removing any), then it would be for admins to add specific datasets to the public role to allow for specific slices and dashboards.

@landscape-bot
Copy link

Code Health
Code quality remained the same when pulling d33accb on asydorchuk:master into 77e4d4b on airbnb:master.

@mistercrunch
Copy link
Member

Let me know if you want to take on PUBLIC_ROLE_LIKE_GAMMA as part of this PR, we could save it for another PR if you prefer.

@coveralls
Copy link

coveralls commented Apr 29, 2016

Coverage Status

Coverage increased (+0.4%) to 81.353% when pulling d33accb66fe41d26d5f376c54088a18ca19eb45b on asydorchuk:master into 77e4d4b on airbnb:master.

@asydorchuk
Copy link
Contributor Author

I agree about testing public not having access to the specific slices or dashboards. Going to add more tests.

Regarding PUBLIC_ROLE_LIKE_GAMMA flag, let's have it as a separate pull request.

@landscape-bot
Copy link

Code Health
Code quality remained the same when pulling 8c00ab1 on asydorchuk:master into 77e4d4b on airbnb:master.

@coveralls
Copy link

coveralls commented May 2, 2016

Coverage Status

Coverage increased (+0.4%) to 81.369% when pulling 8c00ab15c1a389c80878b057835081775261d23a on asydorchuk:master into 77e4d4b on airbnb:master.

@landscape-bot
Copy link

Code Health
Code quality remained the same when pulling 2c602e7 on asydorchuk:master into 88c9516 on airbnb:master.

@coveralls
Copy link

coveralls commented May 2, 2016

Coverage Status

Coverage increased (+0.4%) to 81.269% when pulling 2c602e7 on asydorchuk:master into 88c9516 on airbnb:master.

@asydorchuk
Copy link
Contributor Author

@mistercrunch please have another look. In order to make the tests work, I needed to replace lazy_gettext with gettext method for flashing translations. The issue and behavior I was getting otherwise is described here: pallets/flask#812

@landscape-bot
Copy link

Code Health
Code quality remained the same when pulling 31c072d on asydorchuk:master into 88c9516 on airbnb:master.

@coveralls
Copy link

coveralls commented May 3, 2016

Coverage Status

Coverage increased (+0.5%) to 81.343% when pulling 31c072d on asydorchuk:master into 88c9516 on airbnb:master.

@mistercrunch
Copy link
Member

Ok this is good! I'm planning on adding support for role definition as part of the configurations in the near future.

@mistercrunch mistercrunch merged commit 0bedaed into apache:master May 4, 2016
@asydorchuk
Copy link
Contributor Author

Thanks! Config role definitions sounds like a great addition. We use puppet in our organization and that would simplify caravel setup on service machines. I am going to prepare a separate pull request for PUBLIC_ROLE_LIKE_GAMMA flag.

zhaoyongjie pushed a commit to zhaoyongjie/incubator-superset that referenced this pull request Nov 17, 2021
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 10.1.3 to 10.2.0.
- [Release notes](https://github.com/okonet/lint-staged/releases)
- [Commits](lint-staged/lint-staged@v10.1.3...v10.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
zhaoyongjie pushed a commit to zhaoyongjie/incubator-superset that referenced this pull request Nov 24, 2021
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 10.1.3 to 10.2.0.
- [Release notes](https://github.com/okonet/lint-staged/releases)
- [Commits](lint-staged/lint-staged@v10.1.3...v10.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
zhaoyongjie pushed a commit to zhaoyongjie/incubator-superset that referenced this pull request Nov 25, 2021
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 10.1.3 to 10.2.0.
- [Release notes](https://github.com/okonet/lint-staged/releases)
- [Commits](lint-staged/lint-staged@v10.1.3...v10.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
zhaoyongjie pushed a commit to zhaoyongjie/incubator-superset that referenced this pull request Nov 26, 2021
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 10.1.3 to 10.2.0.
- [Release notes](https://github.com/okonet/lint-staged/releases)
- [Commits](lint-staged/lint-staged@v10.1.3...v10.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
@mistercrunch mistercrunch added 🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels 🚢 0.9.0 labels Feb 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels 🚢 0.9.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants