Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(queries): security perm simplification #12072

Merged
merged 4 commits into from
Dec 17, 2020

Conversation

dpgaspar
Copy link
Member

@dpgaspar dpgaspar commented Dec 16, 2020

SUMMARY

security permission simplification. Scope Queries for API and MVC FAB classes.

Existing permissions:

Permission View
can_list QueryView
can_show QueryView

Future permissions:

Permission View
can_read Query

ADDITIONAL INFORMATION

  • Has associated issue:
  • Changes UI
  • Requires DB Migration.
  • Confirm DB Migration upgrade and downgrade tested.
  • Introduces new feature or API
  • Removes existing feature or API

@codecov-io
Copy link

codecov-io commented Dec 16, 2020

Codecov Report

Merging #12072 (fcd13ae) into master (2302adb) will decrease coverage by 3.34%.
The diff coverage is 9.09%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master   #12072      +/-   ##
==========================================
- Coverage   67.55%   64.21%   -3.35%     
==========================================
  Files         959      477     -482     
  Lines       47154    29417   -17737     
  Branches     4609        0    -4609     
==========================================
- Hits        31857    18891   -12966     
+ Misses      15185    10526    -4659     
+ Partials      112        0     -112     
Flag Coverage Δ
cypress ?
javascript ?
python 64.21% <9.09%> (-0.10%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
...versions/e37912a26567_security_converge_queries.py 0.00% <0.00%> (ø)
superset/queries/api.py 100.00% <100.00%> (ø)
superset/db_engine_specs/sqlite.py 65.62% <0.00%> (-9.38%) ⬇️
superset/utils/celery.py 96.42% <0.00%> (-3.58%) ⬇️
superset/result_set.py 96.69% <0.00%> (-1.66%) ⬇️
superset/connectors/sqla/models.py 91.24% <0.00%> (-0.27%) ⬇️
superset-frontend/src/utils/copy.ts
...et-frontend/src/components/RefreshChartOverlay.tsx
...t-frontend/src/SqlLab/components/ColumnElement.tsx
.../src/explore/components/controls/BoundsControl.jsx
... and 480 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 2302adb...fcd13ae. Read the comment docs.

@dpgaspar dpgaspar requested a review from willbarrett December 16, 2020 14:49
@dpgaspar dpgaspar added the risk:db-migration PRs that require a DB migration label Dec 16, 2020
@dpgaspar dpgaspar merged commit 5d9721e into apache:master Dec 17, 2020
@dpgaspar dpgaspar deleted the feat/security-converge-queries branch December 17, 2020 14:27
amitmiran137 pushed a commit to simcha90/incubator-superset that referenced this pull request Dec 18, 2020
* upstream/master: (55 commits)
  feat(explore): time picker enhancement (apache#11418)
  feat: update alert/report icons and column order (apache#12081)
  feat(explore): metrics and filters controls redesign (apache#12095)
  feat(alerts/reports): add refresh action (apache#12071)
  chore: add latest tag action (apache#11148)
  fix(reports): increase crontab size and alert fixes (apache#12056)
  Small typo fix in Athena connection docs (apache#12099)
  feat(queries): security perm simplification (apache#12072)
  feat(databases): security perm simplification (apache#12036)
  feat(dashboards): security permissions simplification (apache#12012)
  feat(logs): security permissions simplification (apache#12061)
  chore: Remove unused CodeModal (apache#11972)
  Fix typescript error (apache#12074)
  fix: handle context-dependent feature flags in CLI (apache#12088)
  fix: Fix "View in SQLLab" bug (apache#12086)
  feat(alert/report): add 'not null' condition option to modal (apache#12077)
  bumping superset ui to 15.18 and deckgl to 0.3.2 (apache#12078)
  fix: Python dependencies in apache#11499 (apache#12079)
  reset active tab on open (apache#12048)
  fix: improve import flow UI/UX (apache#12070)
  ...
@mistercrunch mistercrunch added 🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels 🚢 1.0.0 labels Mar 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels risk:db-migration PRs that require a DB migration size/M 🚢 1.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants