-
Notifications
You must be signed in to change notification settings - Fork 14k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: allow subquery in ad-hoc SQL #19242
Conversation
Codecov Report
@@ Coverage Diff @@
## master #19242 +/- ##
==========================================
- Coverage 66.76% 66.59% -0.17%
==========================================
Files 1670 1670
Lines 64392 64413 +21
Branches 6499 6499
==========================================
- Hits 42991 42899 -92
- Misses 19718 19831 +113
Partials 1683 1683
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
|
This looks great! I was confused by the behavior of |
Co-authored-by: Beto Dealmeida <[email protected]>
Co-authored-by: David Aaron Suddjian <[email protected]>
…into allow-subquery # Conflicts: # superset/connectors/sqla/utils.py
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lily, I tried to clarify my comment on the function. While the current approach works, having a boolean function that never returns False
makes it harder to reason about the code, so my suggestion is to have it return None
or raise an exception.
Co-authored-by: Beto Dealmeida <[email protected]>
Co-authored-by: Beto Dealmeida <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for changing the function, Lily!
🏷️ preset:2022.11 |
* allow adhoc subquery * add config for allow ad hoc subquery * default to true allow adhoc subquery * fix test * Update superset/errors.py Co-authored-by: Beto Dealmeida <[email protected]> * Update superset/connectors/sqla/utils.py Co-authored-by: David Aaron Suddjian <[email protected]> * rename and add doc string * fix for big query test * Update superset/connectors/sqla/utils.py Co-authored-by: Beto Dealmeida <[email protected]> * Apply suggestions from code review Co-authored-by: Beto Dealmeida <[email protected]> * add test * update validate adhoc subquery Co-authored-by: Beto Dealmeida <[email protected]> Co-authored-by: David Aaron Suddjian <[email protected]> (cherry picked from commit 50902d5)
* allow adhoc subquery * add config for allow ad hoc subquery * default to true allow adhoc subquery * fix test * Update superset/errors.py Co-authored-by: Beto Dealmeida <[email protected]> * Update superset/connectors/sqla/utils.py Co-authored-by: David Aaron Suddjian <[email protected]> * rename and add doc string * fix for big query test * Update superset/connectors/sqla/utils.py Co-authored-by: Beto Dealmeida <[email protected]> * Apply suggestions from code review Co-authored-by: Beto Dealmeida <[email protected]> * add test * update validate adhoc subquery Co-authored-by: Beto Dealmeida <[email protected]> Co-authored-by: David Aaron Suddjian <[email protected]> (cherry picked from commit 50902d5)
SUMMARY
RLS only works for basic case. The chart/data api allows several controls (ad-hoc metrics, ad-hoc filters) where users can write any SQL in these fields, including subqueries. Any subqueries, or nested subqueries, do not currently have RLS rules applied to them and thus can leak data users shouldn’t have access to.
This PR allows most of ad-hoc sql but reject adhoc contains subqueries or nested subqueries. It is using helper #19055. The feature flag
ALLOW_ADHOC_SUBQUERY
is set to False by default.We will have a follow up implementation to add RLS rules to subqueries and nested subqueries.
BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
TESTING INSTRUCTIONS
ADDITIONAL INFORMATION