diff --git a/caravel/views.py b/caravel/views.py index 4dfb4e3818746..5c58fbfe18f36 100755 --- a/caravel/views.py +++ b/caravel/views.py @@ -1088,25 +1088,31 @@ def override_role_permissions(self): for dbs in databases: for schema in dbs['schema']: for ds_name in schema['datasources']: - db_ds_names.add(utils.get_datasource_full_name( - dbs['name'], ds_name, schema=schema['name'])) + fullname = utils.get_datasource_full_name( + dbs['name'], ds_name, schema=schema['name']) + db_ds_names.add(fullname) existing_datasources = SourceRegistry.get_all_datasources(db.session) datasources = [ d for d in existing_datasources if d.full_name in db_ds_names] - role = sm.find_role(role_name) # remove all permissions role.permissions = [] # grant permissions to the list of datasources - for ds_name in datasources: - role.permissions.append( - sm.find_permission_view_menu( - view_menu_name=ds_name.perm, + granted_perms = [] + for datasource in datasources: + view_menu_perm = sm.find_permission_view_menu( + view_menu_name=datasource.perm, permission_name='datasource_access') - ) + # prevent creating empty permissions + if view_menu_perm and view_menu_perm.view_menu: + role.permissions.append(view_menu_perm) + granted_perms.append(view_menu_perm.view_menu.name) db.session.commit() - return Response(status=201) + return Response(json.dumps({ + 'granted': granted_perms, + 'requested': list(db_ds_names) + }), status=201) @log_this @has_access diff --git a/tests/access_tests.py b/tests/access_tests.py index 65e6a9a6670d6..30606a4a7dca6 100644 --- a/tests/access_tests.py +++ b/tests/access_tests.py @@ -44,6 +44,7 @@ ] } + class RequestAccessTests(CaravelTestCase): requires_examples = False