apache · rusackas · Oct 11, 2023 · Sep 19, 2023 · Sep 19, 2023 · Sep 25, 2023
diff --git a/superset/security/manager.py b/superset/security/manager.py
@@ -736,14 +736,7 @@ def create_missing_perms(self) -> None:
 
         logger.info("Fetching a set of all perms to lookup which ones are missing")
         all_pvs = set()
-        for pv in (
-            self.get_session.query(self.permissionview_model)
-            .options(
-                eagerload(self.permissionview_model.permission),
-                eagerload(self.permissionview_model.view_menu),
-            )
-            .all()
-        ):
+        for pv in self._get_all_pvms():
             if pv.permission and pv.view_menu:
                 all_pvs.add((pv.permission.name, pv.view_menu.name))
 
@@ -791,16 +784,7 @@ def sync_role_definitions(self) -> None:
 
         self.create_custom_permissions()
 
-        # Fetch all pvms
-        pvms = (
-            self.get_session.query(PermissionView)
-            .options(
-                eagerload(PermissionView.permission),
-                eagerload(PermissionView.view_menu),
-            )
-            .all()
-        )
-        pvms = [p for p in pvms if p.permission and p.view_menu]
+        pvms = self._get_all_pvms()
 
         # Creating default roles
         self.set_role("Admin", self._is_admin_pvm, pvms)
@@ -822,6 +806,19 @@ def sync_role_definitions(self) -> None:
         self.get_session.commit()
         self.clean_perms()
 
+    def _get_all_pvms(self) -> list[PermissionView]:
+        # Fetch all pvms
+        pvms = (
+            self.get_session.query(self.permissionview_model)
+            .options(
+                eagerload(self.permissionview_model.permission),
+                eagerload(self.permissionview_model.view_menu),
+            )
+            .all()
+        )
+        pvms = [p for p in pvms if p.permission and p.view_menu]
+        return pvms
+
     def _get_pvms_from_builtin_role(self, role_name: str) -> list[PermissionView]:
         """
         Gets a list of model PermissionView permissions inferred from a builtin role