[security] allow security manager provide error message #5500

timifasubaa · 2018-07-26T22:39:23Z

This PR

Makes the superset access request flow optional again.
Allows the security manager provide the error message for access request denials.

@john-bodley @michellethomas @mistercrunch

codecov-io · 2018-07-27T19:03:46Z

Codecov Report

Merging #5500 into master will decrease coverage by 0.07%.
The diff coverage is 30.76%.

@@            Coverage Diff             @@
##           master    #5500      +/-   ##
==========================================
- Coverage   63.37%   63.29%   -0.08%     
==========================================
  Files         349      349              
  Lines       22110    22114       +4     
  Branches     2455     2455              
==========================================
- Hits        14013    13998      -15     
- Misses       8083     8102      +19     
  Partials       14       14

Impacted Files	Coverage Δ
superset/views/core.py	`74.17% <16.66%> (-1.16%)`	⬇️
superset/security.py	`73.09% <42.85%> (-1.12%)`	⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d373178...a0c4858. Read the comment docs.

john-bodley

Overall LGTM. I agree with the idea of moving this logic to the security manager. I just had one question regarding one of the checks.

john-bodley · 2018-07-27T20:32:57Z

superset/views/core.py

@@ -1260,9 +1255,11 @@ def explore(self, datasource_type=None, datasource_id=None):
            flash(DATASOURCE_MISSING_ERR, 'danger')
            return redirect(error_redirect)

-        if not security_manager.datasource_access(datasource):
+        if config.get('ENABLE_ACCESS_REQUEST') and (


Why was this check added?

A check is done at a lower point (in explore_json) This check here is strictly for redirecting users who don't have access to the access request page.

(cherry picked from commit 3b6cafc)

timifasubaa force-pushed the allow_security_manager_provide_error_message branch 6 times, most recently from e4375f2 to f87585d Compare July 27, 2018 18:13

allow security manager provide error message

a0c4858

timifasubaa force-pushed the allow_security_manager_provide_error_message branch from f87585d to a0c4858 Compare July 27, 2018 18:40

timifasubaa changed the title ~~[WIP] allow security manager provide error message~~ [security] allow security manager provide error message Jul 27, 2018

john-bodley reviewed Jul 27, 2018

View reviewed changes

timifasubaa merged commit 3b6cafc into apache:master Jul 27, 2018

timifasubaa added a commit to airbnb/superset-fork that referenced this pull request Aug 2, 2018

allow security manager provide error message (apache#5500)

ca86762

(cherry picked from commit 3b6cafc)

wenchma pushed a commit to wenchma/incubator-superset that referenced this pull request Nov 16, 2018

allow security manager provide error message (apache#5500)

67aebb2

mistercrunch added 🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels 🚢 0.28.0 labels Feb 27, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[security] allow security manager provide error message #5500

[security] allow security manager provide error message #5500

timifasubaa commented Jul 26, 2018 •

edited

Loading

codecov-io commented Jul 27, 2018

john-bodley left a comment

john-bodley Jul 27, 2018

timifasubaa Jul 27, 2018

[security] allow security manager provide error message #5500

[security] allow security manager provide error message #5500

Conversation

timifasubaa commented Jul 26, 2018 • edited Loading

codecov-io commented Jul 27, 2018

Codecov Report

john-bodley left a comment

Choose a reason for hiding this comment

john-bodley Jul 27, 2018

Choose a reason for hiding this comment

timifasubaa Jul 27, 2018

Choose a reason for hiding this comment

timifasubaa commented Jul 26, 2018 •

edited

Loading