Skip to content

Commit

Permalink
make filters use security manager
Browse files Browse the repository at this point in the history
  • Loading branch information
@timifasubaa
timifasubaa committed Aug 6, 2018
1 parent f5ad661 commit a581bc6
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 8 deletions.
9 changes: 9 additions & 0 deletions superset/security.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,15 @@ def get_schema_perm(self, database, schema):
if schema:
return '[{}].[{}]'.format(database, schema)

def always_list_all_dashboards(self):
return False

def always_list_all_slices(self):
return False

def always_list_all_datasources(self):
return False

def can_access(self, permission_name, view_name, user=None):
"""Protecting from has_access failing from missing perms/view"""
if not user:
Expand Down
8 changes: 2 additions & 6 deletions superset/views/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -248,15 +248,11 @@ def get_view_menus(self, permission_name):
vm.add(vm_name)
return vm

def has_all_datasource_access(self):
return (
self.has_role(['Admin', 'Alpha']) or
self.has_perm('all_datasource_access', 'all_datasource_access'))


class DatasourceFilter(SupersetFilter):
def apply(self, query, func): # noqa
if self.has_all_datasource_access():
if (security_manager.all_datasource_access() or
security_manager.always_list_all_datasources()):
return query
perms = self.get_view_menus('datasource_access')
# TODO(bogdan): add `schema_access` support here
Expand Down
6 changes: 4 additions & 2 deletions superset/views/core.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,7 +136,8 @@ def check_ownership(obj, raise_if_false=True):

class SliceFilter(SupersetFilter):
def apply(self, query, func): # noqa
if self.has_all_datasource_access():
if (security_manager.all_datasource_access() or
security_manager.always_list_all_slices()):
return query
perms = self.get_view_menus('datasource_access')
# TODO(bogdan): add `schema_access` support here
Expand All @@ -148,7 +149,8 @@ class DashboardFilter(SupersetFilter):
"""List dashboards for which users have access to at least one slice or are owners"""

def apply(self, query, func): # noqa
if self.has_all_datasource_access():
if (security_manager.all_datasource_access() or
security_manager.always_list_all_dashboards()):
return query
Slice = models.Slice # noqa
Dash = models.Dashboard # noqa
Expand Down

0 comments on commit a581bc6

Please sign in to comment.