mirror of
https://github.com/apache/superset.git
synced 2026-04-19 16:14:52 +00:00
chore: remove deprecated apis and ENABLE_BROAD_ACTIVITY_ACCESS (#24400)
This commit is contained in:
Daniel Vaz Gaspar
committed by
GitHub
GitHub
parent
dc042c6c3d
commit
23bb1c48a1
@@ -605,54 +605,6 @@ class TestChartApi(SupersetTestCase, ApiOwnersTestCaseMixin, InsertChartMixin):
|
||||
db.session.delete(model)
|
||||
db.session.commit()
|
||||
|
||||
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
|
||||
@with_feature_flags(ENABLE_BROAD_ACTIVITY_ACCESS=False)
|
||||
def test_chart_activity_access_disabled(self):
|
||||
"""
|
||||
Chart API: Test ENABLE_BROAD_ACTIVITY_ACCESS = False
|
||||
"""
|
||||
admin = self.get_user("admin")
|
||||
birth_names_table_id = SupersetTestCase.get_table(name="birth_names").id
|
||||
chart_id = self.insert_chart("title", [admin.id], birth_names_table_id).id
|
||||
chart_data = {
|
||||
"slice_name": (new_name := "title1_changed"),
|
||||
}
|
||||
self.login(username="admin")
|
||||
uri = f"api/v1/chart/{chart_id}"
|
||||
rv = self.put_assert_metric(uri, chart_data, "put")
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
model = db.session.query(Slice).get(chart_id)
|
||||
|
||||
self.assertEqual(model.slice_name, new_name)
|
||||
self.assertEqual(model.changed_by_url, "")
|
||||
|
||||
db.session.delete(model)
|
||||
db.session.commit()
|
||||
|
||||
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
|
||||
@with_feature_flags(ENABLE_BROAD_ACTIVITY_ACCESS=True)
|
||||
def test_chart_activity_access_enabled(self):
|
||||
"""
|
||||
Chart API: Test ENABLE_BROAD_ACTIVITY_ACCESS = True
|
||||
"""
|
||||
admin = self.get_user("admin")
|
||||
birth_names_table_id = SupersetTestCase.get_table(name="birth_names").id
|
||||
chart_id = self.insert_chart("title", [admin.id], birth_names_table_id).id
|
||||
chart_data = {
|
||||
"slice_name": (new_name := "title1_changed"),
|
||||
}
|
||||
self.login(username="admin")
|
||||
uri = f"api/v1/chart/{chart_id}"
|
||||
rv = self.put_assert_metric(uri, chart_data, "put")
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
model = db.session.query(Slice).get(chart_id)
|
||||
|
||||
self.assertEqual(model.slice_name, new_name)
|
||||
self.assertEqual(model.changed_by_url, "/superset/profile/admin")
|
||||
|
||||
db.session.delete(model)
|
||||
db.session.commit()
|
||||
|
||||
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
|
||||
def test_chart_get_list_no_username(self):
|
||||
"""
|
||||
|
||||
@@ -23,8 +23,10 @@ import json
|
||||
import logging
|
||||
from urllib.parse import quote
|
||||
|
||||
import prison
|
||||
import superset.utils.database
|
||||
from superset.utils.core import backend
|
||||
from tests.integration_tests.fixtures.public_role import public_role_like_gamma
|
||||
from tests.integration_tests.fixtures.birth_names_dashboard import (
|
||||
load_birth_names_dashboard_with_slices,
|
||||
load_birth_names_data,
|
||||
@@ -47,6 +49,7 @@ from tests.integration_tests.fixtures.energy_dashboard import (
|
||||
load_energy_table_with_slice,
|
||||
load_energy_table_data,
|
||||
)
|
||||
from tests.integration_tests.insert_chart_mixin import InsertChartMixin
|
||||
from tests.integration_tests.test_app import app
|
||||
import superset.views.utils
|
||||
from superset import (
|
||||
@@ -89,7 +92,7 @@ def cleanup():
|
||||
yield
|
||||
|
||||
|
||||
class TestCore(SupersetTestCase):
|
||||
class TestCore(SupersetTestCase, InsertChartMixin):
|
||||
def setUp(self):
|
||||
self.table_ids = {
|
||||
tbl.table_name: tbl.id for tbl in (db.session.query(SqlaTable).all())
|
||||
@@ -100,6 +103,50 @@ class TestCore(SupersetTestCase):
|
||||
db.session.query(Query).delete()
|
||||
app.config["PREVENT_UNSAFE_DB_CONNECTIONS"] = self.original_unsafe_db_setting
|
||||
|
||||
def insert_dashboard_created_by(self, username: str) -> Dashboard:
|
||||
user = self.get_user(username)
|
||||
dashboard = self.insert_dashboard(
|
||||
f"create_title_test",
|
||||
f"create_slug_test",
|
||||
[user.id],
|
||||
created_by=user,
|
||||
)
|
||||
return dashboard
|
||||
|
||||
def insert_chart_created_by(self, username: str) -> Slice:
|
||||
user = self.get_user(username)
|
||||
dataset = db.session.query(SqlaTable).first()
|
||||
chart = self.insert_chart(
|
||||
f"create_title_test",
|
||||
[user.id],
|
||||
dataset.id,
|
||||
created_by=user,
|
||||
)
|
||||
return chart
|
||||
|
||||
@pytest.fixture()
|
||||
def insert_dashboard_created_by_admin(self):
|
||||
with self.create_app().app_context():
|
||||
dashboard = self.insert_dashboard_created_by("admin")
|
||||
yield dashboard
|
||||
db.session.delete(dashboard)
|
||||
db.session.commit()
|
||||
|
||||
@pytest.fixture()
|
||||
def insert_dashboard_created_by_gamma(self):
|
||||
dashboard = self.insert_dashboard_created_by("gamma")
|
||||
yield dashboard
|
||||
db.session.delete(dashboard)
|
||||
db.session.commit()
|
||||
|
||||
@pytest.fixture()
|
||||
def insert_chart_created_by_admin(self):
|
||||
with self.create_app().app_context():
|
||||
chart = self.insert_chart_created_by("admin")
|
||||
yield chart
|
||||
db.session.delete(chart)
|
||||
db.session.commit()
|
||||
|
||||
def test_login(self):
|
||||
resp = self.get_resp("/login/", data=dict(username="admin", password="general"))
|
||||
self.assertNotIn("User confirmation needed", resp)
|
||||
@@ -262,43 +309,6 @@ class TestCore(SupersetTestCase):
|
||||
resp = self.client.get(url)
|
||||
self.assertEqual(resp.status_code, 200)
|
||||
|
||||
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
|
||||
def test_get_user_slices_for_owners(self):
|
||||
self.login(username="alpha")
|
||||
user = security_manager.find_user("alpha")
|
||||
slice_name = "Girls"
|
||||
|
||||
# ensure user is not owner of any slices
|
||||
url = f"/superset/user_slices/{user.id}/"
|
||||
resp = self.client.get(url)
|
||||
data = json.loads(resp.data)
|
||||
self.assertEqual(data, [])
|
||||
|
||||
# make user owner of slice and verify that endpoint returns said slice
|
||||
slc = self.get_slice(
|
||||
slice_name=slice_name, session=db.session, expunge_from_session=False
|
||||
)
|
||||
slc.owners = [user]
|
||||
db.session.merge(slc)
|
||||
db.session.commit()
|
||||
url = f"/superset/user_slices/{user.id}/"
|
||||
resp = self.client.get(url)
|
||||
data = json.loads(resp.data)
|
||||
self.assertEqual(len(data), 1)
|
||||
self.assertEqual(data[0]["title"], slice_name)
|
||||
|
||||
# remove ownership and ensure user no longer gets slice
|
||||
slc = self.get_slice(
|
||||
slice_name=slice_name, session=db.session, expunge_from_session=False
|
||||
)
|
||||
slc.owners = []
|
||||
db.session.merge(slc)
|
||||
db.session.commit()
|
||||
url = f"/superset/user_slices/{user.id}/"
|
||||
resp = self.client.get(url)
|
||||
data = json.loads(resp.data)
|
||||
self.assertEqual(data, [])
|
||||
|
||||
def test_get_user_slices(self):
|
||||
self.login(username="admin")
|
||||
userid = security_manager.find_user("admin").id
|
||||
@@ -483,71 +493,99 @@ class TestCore(SupersetTestCase):
|
||||
for k in keys:
|
||||
self.assertIn(k, resp.keys())
|
||||
|
||||
@staticmethod
|
||||
def _get_user_activity_endpoints(user: str):
|
||||
userid = security_manager.find_user(user).id
|
||||
return (
|
||||
f"/superset/recent_activity/{userid}/",
|
||||
f"/superset/created_slices/{userid}/",
|
||||
f"/superset/created_dashboards/{userid}/",
|
||||
f"/superset/fave_slices/{userid}/",
|
||||
f"/superset/fave_dashboards/{userid}/",
|
||||
f"/superset/user_slices/{userid}/",
|
||||
f"/superset/fave_dashboards_by_username/{user}/",
|
||||
)
|
||||
|
||||
@pytest.mark.usefixtures("insert_dashboard_created_by_admin")
|
||||
@pytest.mark.usefixtures("insert_chart_created_by_admin")
|
||||
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
|
||||
def test_user_profile(self, username="admin"):
|
||||
self.login(username=username)
|
||||
slc = self.get_slice("Girls", db.session)
|
||||
dashboard = db.session.query(Dashboard).filter_by(slug="births").first()
|
||||
# Set a favorite dashboard
|
||||
self.client.post(f"/api/v1/dashboard/{dashboard.id}/favorites/", json={})
|
||||
# Set a favorite chart
|
||||
self.client.post(f"/api/v1/chart/{slc.id}/favorites/", json={})
|
||||
|
||||
# Setting some faves
|
||||
url = f"/superset/favstar/Slice/{slc.id}/select/"
|
||||
resp = self.get_json_resp(url)
|
||||
self.assertEqual(resp["count"], 1)
|
||||
# Get favorite dashboards:
|
||||
request_query = {
|
||||
"columns": ["created_on_delta_humanized", "dashboard_title", "url"],
|
||||
"filters": [{"col": "id", "opr": "dashboard_is_favorite", "value": True}],
|
||||
"keys": ["none"],
|
||||
"order_column": "changed_on",
|
||||
"order_direction": "desc",
|
||||
"page": 0,
|
||||
"page_size": 100,
|
||||
}
|
||||
url = f"/api/v1/dashboard/?q={prison.dumps(request_query)}"
|
||||
resp = self.client.get(url)
|
||||
assert resp.json["count"] == 1
|
||||
assert resp.json["result"][0]["dashboard_title"] == "USA Births Names"
|
||||
|
||||
dash = db.session.query(Dashboard).filter_by(slug="births").first()
|
||||
url = f"/superset/favstar/Dashboard/{dash.id}/select/"
|
||||
resp = self.get_json_resp(url)
|
||||
self.assertEqual(resp["count"], 1)
|
||||
# Get Favorite Charts
|
||||
request_query = {
|
||||
"filters": [{"col": "id", "opr": "chart_is_favorite", "value": True}],
|
||||
"order_column": "slice_name",
|
||||
"order_direction": "asc",
|
||||
"page": 0,
|
||||
"page_size": 25,
|
||||
}
|
||||
url = f"api/v1/chart/?q={prison.dumps(request_query)}"
|
||||
resp = self.client.get(url)
|
||||
assert resp.json["count"] == 1
|
||||
assert resp.json["result"][0]["id"] == slc.id
|
||||
|
||||
resp = self.get_resp(f"/superset/profile/{username}/")
|
||||
# Get recent activity
|
||||
url = "/api/v1/log/recent_activity/?q=(page_size:50)"
|
||||
resp = self.client.get(url)
|
||||
# TODO data for recent activity varies for sqlite, we should be able to assert
|
||||
# the returned data
|
||||
assert resp.status_code == 200
|
||||
|
||||
# Get dashboards created by the user
|
||||
request_query = {
|
||||
"columns": ["created_on_delta_humanized", "dashboard_title", "url"],
|
||||
"filters": [
|
||||
{"col": "created_by", "opr": "dashboard_created_by_me", "value": "me"}
|
||||
],
|
||||
"keys": ["none"],
|
||||
"order_column": "changed_on",
|
||||
"order_direction": "desc",
|
||||
"page": 0,
|
||||
"page_size": 100,
|
||||
}
|
||||
url = f"/api/v1/dashboard/?q={prison.dumps(request_query)}"
|
||||
resp = self.client.get(url)
|
||||
assert resp.json["result"][0]["dashboard_title"] == "create_title_test"
|
||||
|
||||
# Get charts created by the user
|
||||
request_query = {
|
||||
"columns": ["created_on_delta_humanized", "slice_name", "url"],
|
||||
"filters": [
|
||||
{"col": "created_by", "opr": "chart_created_by_me", "value": "me"}
|
||||
],
|
||||
"keys": ["none"],
|
||||
"order_column": "changed_on_delta_humanized",
|
||||
"order_direction": "desc",
|
||||
"page": 0,
|
||||
"page_size": 100,
|
||||
}
|
||||
url = f"/api/v1/chart/?q={prison.dumps(request_query)}"
|
||||
resp = self.client.get(url)
|
||||
assert resp.json["count"] == 1
|
||||
assert resp.json["result"][0]["slice_name"] == "create_title_test"
|
||||
|
||||
resp = self.get_resp(f"/superset/profile/")
|
||||
self.assertIn('"app"', resp)
|
||||
|
||||
for endpoint in self._get_user_activity_endpoints(username):
|
||||
data = self.get_json_resp(endpoint)
|
||||
self.assertNotIn("message", data)
|
||||
|
||||
def test_user_profile_default_access(self):
|
||||
def test_user_profile_gamma(self):
|
||||
self.login(username="gamma")
|
||||
resp = self.client.get(f"/superset/profile/admin/")
|
||||
self.assertEqual(resp.status_code, 403)
|
||||
resp = self.get_resp(f"/superset/profile/")
|
||||
self.assertIn('"app"', resp)
|
||||
|
||||
@with_feature_flags(ENABLE_BROAD_ACTIVITY_ACCESS=True)
|
||||
def test_user_profile_broad_access(self):
|
||||
self.login(username="gamma")
|
||||
resp = self.client.get(f"/superset/profile/admin/")
|
||||
self.assertEqual(resp.status_code, 200)
|
||||
|
||||
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
|
||||
def test_user_activity_default_access(self, username="gamma"):
|
||||
self.login(username=username)
|
||||
|
||||
for user in ("admin", "gamma"):
|
||||
for endpoint in self._get_user_activity_endpoints(user):
|
||||
resp = self.client.get(endpoint)
|
||||
expected_status_code = 200 if user == username else 403
|
||||
assert resp.status_code == expected_status_code
|
||||
|
||||
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
|
||||
@with_feature_flags(ENABLE_BROAD_ACTIVITY_ACCESS=True)
|
||||
def test_user_activity_broad_access(self, username="gamma"):
|
||||
self.login(username=username)
|
||||
|
||||
for user in ("admin", "gamma"):
|
||||
for endpoint in self._get_user_activity_endpoints(user):
|
||||
resp = self.client.get(endpoint)
|
||||
assert resp.status_code == 200
|
||||
@pytest.mark.usefixtures("public_role_like_gamma")
|
||||
def test_user_profile_anonymous(self):
|
||||
self.logout()
|
||||
resp = self.client.get("/superset/profile/")
|
||||
assert resp.status_code == 404
|
||||
|
||||
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
|
||||
def test_slice_id_is_always_logged_correctly_on_web_request(self):
|
||||
@@ -1025,7 +1063,7 @@ class TestCore(SupersetTestCase):
|
||||
"/superset/sqllab",
|
||||
"/superset/welcome",
|
||||
f"/superset/dashboard/{dash_id}/",
|
||||
"/superset/profile/admin/",
|
||||
"/superset/profile/",
|
||||
f"/explore/?datasource_type=table&datasource_id={tbl_id}",
|
||||
]
|
||||
for url in urls:
|
||||
|
||||
@@ -368,7 +368,6 @@ class TestDashboardApi(SupersetTestCase, ApiOwnersTestCaseMixin, InsertChartMixi
|
||||
"certification_details": None,
|
||||
"changed_by": None,
|
||||
"changed_by_name": "",
|
||||
"changed_by_url": "",
|
||||
"charts": [],
|
||||
"created_by": {
|
||||
"id": 1,
|
||||
@@ -1326,52 +1325,6 @@ class TestDashboardApi(SupersetTestCase, ApiOwnersTestCaseMixin, InsertChartMixi
|
||||
db.session.delete(model)
|
||||
db.session.commit()
|
||||
|
||||
@with_feature_flags(ENABLE_BROAD_ACTIVITY_ACCESS=False)
|
||||
def test_dashboard_activity_access_disabled(self):
|
||||
"""
|
||||
Dashboard API: Test ENABLE_BROAD_ACTIVITY_ACCESS = False
|
||||
"""
|
||||
admin = self.get_user("admin")
|
||||
admin_role = self.get_role("Admin")
|
||||
dashboard_id = self.insert_dashboard(
|
||||
"title1", "slug1", [admin.id], roles=[admin_role.id]
|
||||
).id
|
||||
self.login(username="admin")
|
||||
uri = f"api/v1/dashboard/{dashboard_id}"
|
||||
dashboard_data = {"dashboard_title": "title2"}
|
||||
rv = self.client.put(uri, json=dashboard_data)
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
model = db.session.query(Dashboard).get(dashboard_id)
|
||||
|
||||
self.assertEqual(model.dashboard_title, "title2")
|
||||
self.assertEqual(model.changed_by_url, "")
|
||||
|
||||
db.session.delete(model)
|
||||
db.session.commit()
|
||||
|
||||
@with_feature_flags(ENABLE_BROAD_ACTIVITY_ACCESS=True)
|
||||
def test_dashboard_activity_access_enabled(self):
|
||||
"""
|
||||
Dashboard API: Test ENABLE_BROAD_ACTIVITY_ACCESS = True
|
||||
"""
|
||||
admin = self.get_user("admin")
|
||||
admin_role = self.get_role("Admin")
|
||||
dashboard_id = self.insert_dashboard(
|
||||
"title1", "slug1", [admin.id], roles=[admin_role.id]
|
||||
).id
|
||||
self.login(username="admin")
|
||||
uri = f"api/v1/dashboard/{dashboard_id}"
|
||||
dashboard_data = {"dashboard_title": "title2"}
|
||||
rv = self.client.put(uri, json=dashboard_data)
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
model = db.session.query(Dashboard).get(dashboard_id)
|
||||
|
||||
self.assertEqual(model.dashboard_title, "title2")
|
||||
self.assertEqual(model.changed_by_url, "/superset/profile/admin")
|
||||
|
||||
db.session.delete(model)
|
||||
db.session.commit()
|
||||
|
||||
def test_dashboard_get_list_no_username(self):
|
||||
"""
|
||||
Dashboard API: Tests that no username is returned
|
||||
|
||||
@@ -207,7 +207,6 @@ class TestDatasetApi(SupersetTestCase):
|
||||
expected_columns = [
|
||||
"changed_by",
|
||||
"changed_by_name",
|
||||
"changed_by_url",
|
||||
"changed_on_delta_humanized",
|
||||
"changed_on_utc",
|
||||
"database",
|
||||
@@ -1358,56 +1357,6 @@ class TestDatasetApi(SupersetTestCase):
|
||||
db.session.delete(dataset)
|
||||
db.session.commit()
|
||||
|
||||
@with_feature_flags(ENABLE_BROAD_ACTIVITY_ACCESS=True)
|
||||
def test_dataset_activity_access_enabled(self):
|
||||
"""
|
||||
Dataset API: Test ENABLE_BROAD_ACTIVITY_ACCESS = True
|
||||
"""
|
||||
if backend() == "sqlite":
|
||||
return
|
||||
|
||||
dataset = self.insert_default_dataset()
|
||||
self.login(username="admin")
|
||||
table_data = {"description": "changed_description"}
|
||||
uri = f"api/v1/dataset/{dataset.id}"
|
||||
rv = self.client.put(uri, json=table_data)
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
|
||||
response = self.get_assert_metric("api/v1/dataset/", "get_list")
|
||||
res = json.loads(response.data.decode("utf-8"))["result"]
|
||||
|
||||
current_dataset = [d for d in res if d["id"] == dataset.id][0]
|
||||
self.assertEqual(current_dataset["description"], "changed_description")
|
||||
self.assertEqual(current_dataset["changed_by_url"], "/superset/profile/admin")
|
||||
|
||||
db.session.delete(dataset)
|
||||
db.session.commit()
|
||||
|
||||
@with_feature_flags(ENABLE_BROAD_ACTIVITY_ACCESS=False)
|
||||
def test_dataset_activity_access_disabled(self):
|
||||
"""
|
||||
Dataset API: Test ENABLE_BROAD_ACTIVITY_ACCESS = Fase
|
||||
"""
|
||||
if backend() == "sqlite":
|
||||
return
|
||||
|
||||
dataset = self.insert_default_dataset()
|
||||
self.login(username="admin")
|
||||
table_data = {"description": "changed_description"}
|
||||
uri = f"api/v1/dataset/{dataset.id}"
|
||||
rv = self.put_assert_metric(uri, table_data, "put")
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
|
||||
response = self.get_assert_metric("api/v1/dataset/", "get_list")
|
||||
res = json.loads(response.data.decode("utf-8"))["result"]
|
||||
|
||||
current_dataset = [d for d in res if d["id"] == dataset.id][0]
|
||||
self.assertEqual(current_dataset["description"], "changed_description")
|
||||
self.assertEqual(current_dataset["changed_by_url"], "")
|
||||
|
||||
db.session.delete(dataset)
|
||||
db.session.commit()
|
||||
|
||||
def test_update_dataset_item_not_owned(self):
|
||||
"""
|
||||
Dataset API: Test update dataset item not owned
|
||||
|
||||
@@ -159,19 +159,6 @@ class TestLogApi(SupersetTestCase):
|
||||
db.session.delete(log)
|
||||
db.session.commit()
|
||||
|
||||
@with_feature_flags(ENABLE_BROAD_ACTIVITY_ACCESS=False)
|
||||
def test_get_recent_activity_no_broad_access(self):
|
||||
"""
|
||||
Log API: Test recent activity not visible for other users without
|
||||
ENABLE_BROAD_ACTIVITY_ACCESS flag on
|
||||
"""
|
||||
admin_user = self.get_user("admin")
|
||||
self.login(username="admin")
|
||||
|
||||
uri = f"api/v1/log/recent_activity/{admin_user.id + 1}/"
|
||||
rv = self.client.get(uri)
|
||||
self.assertEqual(rv.status_code, 403)
|
||||
|
||||
def test_get_recent_activity(self):
|
||||
"""
|
||||
Log API: Test recent activity endpoint
|
||||
@@ -182,7 +169,7 @@ class TestLogApi(SupersetTestCase):
|
||||
log1 = self.insert_log("dashboard", admin_user, dashboard_id=dash.id)
|
||||
log2 = self.insert_log("dashboard", admin_user, dashboard_id=dash.id)
|
||||
|
||||
uri = f"api/v1/log/recent_activity/{admin_user.id}/"
|
||||
uri = f"api/v1/log/recent_activity/"
|
||||
rv = self.client.get(uri)
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
response = json.loads(rv.data.decode("utf-8"))
|
||||
@@ -219,7 +206,7 @@ class TestLogApi(SupersetTestCase):
|
||||
log2 = self.insert_log("explore", admin_user, dashboard_id=dash.id)
|
||||
|
||||
arguments = {"actions": ["dashboard"]}
|
||||
uri = f"api/v1/log/recent_activity/{admin_user.id}/?q={prison.dumps(arguments)}"
|
||||
uri = f"api/v1/log/recent_activity/?q={prison.dumps(arguments)}"
|
||||
rv = self.client.get(uri)
|
||||
|
||||
db.session.delete(log)
|
||||
@@ -244,7 +231,7 @@ class TestLogApi(SupersetTestCase):
|
||||
log2 = self.insert_log("dashboard", admin_user, dashboard_id=dash.id)
|
||||
|
||||
arguments = {"distinct": False}
|
||||
uri = f"api/v1/log/recent_activity/{admin_user.id}/?q={prison.dumps(arguments)}"
|
||||
uri = f"api/v1/log/recent_activity/?q={prison.dumps(arguments)}"
|
||||
rv = self.client.get(uri)
|
||||
|
||||
db.session.delete(log)
|
||||
@@ -274,7 +261,7 @@ class TestLogApi(SupersetTestCase):
|
||||
log.dttm = now - timedelta(days=2)
|
||||
|
||||
arguments = {"page": 0, "page_size": 2}
|
||||
uri = f"api/v1/log/recent_activity/{admin_user.id}/?q={prison.dumps(arguments)}"
|
||||
uri = f"api/v1/log/recent_activity/?q={prison.dumps(arguments)}"
|
||||
rv = self.client.get(uri)
|
||||
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
@@ -304,7 +291,7 @@ class TestLogApi(SupersetTestCase):
|
||||
)
|
||||
|
||||
arguments = {"page": 1, "page_size": 2}
|
||||
uri = f"api/v1/log/recent_activity/{admin_user.id}/?q={prison.dumps(arguments)}"
|
||||
uri = f"api/v1/log/recent_activity/?q={prison.dumps(arguments)}"
|
||||
rv = self.client.get(uri)
|
||||
|
||||
db.session.delete(log)
|
||||
|
||||
@@ -1350,16 +1350,12 @@ class TestRolePermission(SupersetTestCase):
|
||||
# make sure that user can create slices and dashboards
|
||||
self.assert_can_all("Dashboard", perm_set)
|
||||
self.assert_can_all("Chart", perm_set)
|
||||
self.assertIn(("can_created_dashboards", "Superset"), perm_set)
|
||||
self.assertIn(("can_created_slices", "Superset"), perm_set)
|
||||
self.assertIn(("can_csv", "Superset"), perm_set)
|
||||
self.assertIn(("can_dashboard", "Superset"), perm_set)
|
||||
self.assertIn(("can_explore", "Superset"), perm_set)
|
||||
self.assertIn(("can_share_chart", "Superset"), perm_set)
|
||||
self.assertIn(("can_share_dashboard", "Superset"), perm_set)
|
||||
self.assertIn(("can_explore_json", "Superset"), perm_set)
|
||||
self.assertIn(("can_fave_dashboards", "Superset"), perm_set)
|
||||
self.assertIn(("can_fave_slices", "Superset"), perm_set)
|
||||
self.assertIn(("can_explore_json", "Superset"), perm_set)
|
||||
self.assertIn(("can_userinfo", "UserDBModelView"), perm_set)
|
||||
self.assert_can_menu("Databases", perm_set)
|
||||
@@ -1525,16 +1521,12 @@ class TestRolePermission(SupersetTestCase):
|
||||
self.assert_cannot_write("UserDBModelView", gamma_perm_set)
|
||||
self.assert_cannot_write("RoleModelView", gamma_perm_set)
|
||||
|
||||
self.assertIn(("can_created_dashboards", "Superset"), gamma_perm_set)
|
||||
self.assertIn(("can_created_slices", "Superset"), gamma_perm_set)
|
||||
self.assertIn(("can_csv", "Superset"), gamma_perm_set)
|
||||
self.assertIn(("can_dashboard", "Superset"), gamma_perm_set)
|
||||
self.assertIn(("can_explore", "Superset"), gamma_perm_set)
|
||||
self.assertIn(("can_share_chart", "Superset"), gamma_perm_set)
|
||||
self.assertIn(("can_share_dashboard", "Superset"), gamma_perm_set)
|
||||
self.assertIn(("can_explore_json", "Superset"), gamma_perm_set)
|
||||
self.assertIn(("can_fave_dashboards", "Superset"), gamma_perm_set)
|
||||
self.assertIn(("can_fave_slices", "Superset"), gamma_perm_set)
|
||||
self.assertIn(("can_userinfo", "UserDBModelView"), gamma_perm_set)
|
||||
|
||||
def test_views_are_secured(self):
|
||||
|
||||
Reference in New Issue
Block a user