QT/superset2
1
0
Fork 0
mirror of https://github.com/apache/superset.git synced 2026-04-20 00:24:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: set up ruff as a new linter/formatter (#28158)

Browse Source
This commit is contained in:
Maxime Beauchemin
2024-04-24 17:19:53 -07:00
committed by GitHub
parent e8a678b75a
commit 2d63722150
579 changed files with 2508 additions and 2542 deletions
Download Patch File Download Diff File Expand all files Collapse all files

113
tests/integration_tests/dashboards/security/security_rbac_tests.py
View File

@@ -15,9 +15,10 @@
# specific language governing permissions and limitations
# under the License.
"""Unit tests for Superset"""
import json
from unittest import mock
from unittest.mock import patch
from unittest.mock import patch # noqa: F401
import pytest
@@ -30,7 +31,7 @@ from tests.integration_tests.constants import (
GAMMA_SQLLAB_USERNAME,
GAMMA_USERNAME,
)
from tests.integration_tests.dashboards.dashboard_test_utils import *
from tests.integration_tests.dashboards.dashboard_test_utils import * # noqa: F403
from tests.integration_tests.dashboards.security.base_case import (
BaseTestDashboardSecurity,
)
@@ -41,14 +42,14 @@ from tests.integration_tests.dashboards.superset_factory_util import (
create_slice_to_db,
)
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
load_birth_names_dashboard_with_slices, # noqa: F401
load_birth_names_data, # noqa: F401
)
from tests.integration_tests.fixtures.public_role import public_role_like_gamma
from tests.integration_tests.fixtures.public_role import public_role_like_gamma # noqa: F401
from tests.integration_tests.fixtures.query_context import get_query_context
from tests.integration_tests.fixtures.world_bank_dashboard import (
load_world_bank_dashboard_with_slices,
load_world_bank_data,
load_world_bank_dashboard_with_slices, # noqa: F401
load_world_bank_data, # noqa: F401
)
CHART_DATA_URI = "api/v1/chart/data"
@@ -74,8 +75,8 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
def test_get_dashboard_view__owner_can_access(self):
# arrange
username = random_str()
new_role = f"role_{random_str()}"
username = random_str() # noqa: F405
new_role = f"role_{random_str()}" # noqa: F405
owner = self.create_user_with_roles(
username, [new_role], should_create_roles=True
)
@@ -92,11 +93,11 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_get_dashboard_view__user_can_not_access_without_permission(self):
username = random_str()
new_role = f"role_{random_str()}"
username = random_str() # noqa: F405
new_role = f"role_{random_str()}" # noqa: F405
self.create_user_with_roles(username, [new_role], should_create_roles=True)
slice = (
db.session.query(Slice)
db.session.query(Slice) # noqa: F405
.filter_by(slice_name="Girl Name Cloud")
.one_or_none()
)
@@ -116,10 +117,10 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
):
# arrange
dashboard_to_access = create_dashboard_to_db(published=False)
username = random_str()
new_role = f"role_{random_str()}"
username = random_str() # noqa: F405
new_role = f"role_{random_str()}" # noqa: F405
self.create_user_with_roles(username, [new_role], should_create_roles=True)
grant_access_to_dashboard(dashboard_to_access, new_role)
grant_access_to_dashboard(dashboard_to_access, new_role) # noqa: F405
self.login(username)
# act
@@ -129,7 +130,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
assert response.status_code == 302
# post
revoke_access_to_dashboard(dashboard_to_access, new_role)
revoke_access_to_dashboard(dashboard_to_access, new_role) # noqa: F405
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_get_dashboard_view__user_no_access_regular_rbac(self):
@@ -137,7 +138,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
return
slice = (
db.session.query(Slice)
db.session.query(Slice) # noqa: F405
.filter_by(slice_name="Girl Name Cloud")
.one_or_none()
)
@@ -151,8 +152,8 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
request_payload = get_query_context("birth_names")
rv = self.post_assert_metric(CHART_DATA_URI, request_payload, "data")
assert rv.status_code == 403
db.session.delete(dashboard)
db.session.commit()
db.session.delete(dashboard) # noqa: F405
db.session.commit() # noqa: F405
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_get_dashboard_view__user_access_regular_rbac(self):
@@ -160,7 +161,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
return
slice = (
db.session.query(Slice)
db.session.query(Slice) # noqa: F405
.filter_by(slice_name="Girl Name Cloud")
.one_or_none()
)
@@ -174,8 +175,8 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
request_payload = get_query_context("birth_names")
rv = self.post_assert_metric(CHART_DATA_URI, request_payload, "data")
assert rv.status_code == 200
db.session.delete(dashboard)
db.session.commit()
db.session.delete(dashboard) # noqa: F405
db.session.commit() # noqa: F405
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_get_dashboard_view__user_access_with_dashboard_permission(self):
@@ -183,18 +184,18 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
return
# arrange
username = random_str()
new_role = f"role_{random_str()}"
username = random_str() # noqa: F405
new_role = f"role_{random_str()}" # noqa: F405
self.create_user_with_roles(username, [new_role], should_create_roles=True)
slice = (
db.session.query(Slice)
db.session.query(Slice) # noqa: F405
.filter_by(slice_name="Girl Name Cloud")
.one_or_none()
)
dashboard_to_access = create_dashboard_to_db(published=True, slices=[slice])
self.login(username)
grant_access_to_dashboard(dashboard_to_access, new_role)
grant_access_to_dashboard(dashboard_to_access, new_role) # noqa: F405
# act
response = self.get_dashboard_view_response(dashboard_to_access)
@@ -207,12 +208,12 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
self.assertEqual(rv.status_code, 403)
# post
revoke_access_to_dashboard(dashboard_to_access, new_role)
revoke_access_to_dashboard(dashboard_to_access, new_role) # noqa: F405
@pytest.mark.usefixtures("public_role_like_gamma")
def test_get_dashboard_view__public_user_can_not_access_without_permission(self):
dashboard_to_access = create_dashboard_to_db(published=True)
grant_access_to_dashboard(dashboard_to_access, "Alpha")
grant_access_to_dashboard(dashboard_to_access, "Alpha") # noqa: F405
# act
response = self.get_dashboard_view_response(dashboard_to_access)
@@ -226,7 +227,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
):
# arrange
dashboard_to_access = create_dashboard_to_db(published=False)
grant_access_to_dashboard(dashboard_to_access, "Public")
grant_access_to_dashboard(dashboard_to_access, "Public") # noqa: F405
# act
response = self.get_dashboard_view_response(dashboard_to_access)
@@ -234,7 +235,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
assert response.status_code == 302
# post
revoke_access_to_dashboard(dashboard_to_access, "Public")
revoke_access_to_dashboard(dashboard_to_access, "Public") # noqa: F405
@pytest.mark.usefixtures("public_role_like_gamma")
def test_get_dashboard_view__public_user_access_with_dashboard_permission(self):
@@ -242,7 +243,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
dashboard_to_access = create_dashboard_to_db(
published=True, slices=[create_slice_to_db()]
)
grant_access_to_dashboard(dashboard_to_access, "Public")
grant_access_to_dashboard(dashboard_to_access, "Public") # noqa: F405
# act
response = self.get_dashboard_view_response(dashboard_to_access)
@@ -251,11 +252,11 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
self.assert200(response)
# post
revoke_access_to_dashboard(dashboard_to_access, "Public")
revoke_access_to_dashboard(dashboard_to_access, "Public") # noqa: F405
def _create_sample_dashboards_with_owner_access(self):
username = random_str()
new_role = f"role_{random_str()}"
username = random_str() # noqa: F405
new_role = f"role_{random_str()}" # noqa: F405
owner = self.create_user_with_roles(
username, [new_role], should_create_roles=True
)
@@ -276,8 +277,8 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
return username, not_owned_dashboards, owned_dashboards
def _create_sample_only_published_dashboard_with_roles(self):
username = random_str()
new_role = f"role_{random_str()}"
username = random_str() # noqa: F405
new_role = f"role_{random_str()}" # noqa: F405
self.create_user_with_roles(username, [new_role], should_create_roles=True)
published_dashboards = [
create_dashboard_to_db(published=True),
@@ -288,7 +289,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
create_dashboard_to_db(published=False),
]
for dash in published_dashboards + draft_dashboards:
grant_access_to_dashboard(dash, new_role)
grant_access_to_dashboard(dash, new_role) # noqa: F405
return username, new_role, draft_dashboards, published_dashboards
def test_get_dashboards_api__admin_get_all_dashboards(self):
@@ -296,7 +297,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
create_dashboard_to_db(
owners=[], slices=[create_slice_to_db()], published=False
)
dashboard_counts = count_dashboards()
dashboard_counts = count_dashboards() # noqa: F405
self.login(ADMIN_USERNAME)
@@ -325,8 +326,8 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
)
def test_get_dashboards_api__user_without_any_permissions_get_empty_list(self):
username = random_str()
new_role = f"role_{random_str()}"
username = random_str() # noqa: F405
new_role = f"role_{random_str()}" # noqa: F405
self.create_user_with_roles(username, [new_role], should_create_roles=True)
create_dashboard_to_db(published=True)
self.login(username)
@@ -360,7 +361,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
# post
for dash in published_dashboards + draft_dashboards:
revoke_access_to_dashboard(dash, new_role)
revoke_access_to_dashboard(dash, new_role) # noqa: F405
@pytest.mark.usefixtures("public_role_like_gamma")
def test_get_dashboards_api__public_user_without_any_permissions_get_empty_list(
@@ -389,7 +390,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
]
for dash in published_dashboards + draft_dashboards:
grant_access_to_dashboard(dash, "Public")
grant_access_to_dashboard(dash, "Public") # noqa: F405
# act
response = self.get_dashboards_api_response()
@@ -404,7 +405,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
# post
for dash in published_dashboards + draft_dashboards:
revoke_access_to_dashboard(dash, "Public")
revoke_access_to_dashboard(dash, "Public") # noqa: F405
def test_cannot_get_draft_dashboard_without_roles_by_uuid(self):
"""
@@ -446,19 +447,19 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
rv = self.client.get(uri)
assert rv.status_code == 403
# rollback changes
db.session.delete(dashboard)
db.session.commit()
db.session.delete(dashboard) # noqa: F405
db.session.commit() # noqa: F405
@with_feature_flags(DASHBOARD_RBAC=True)
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_copy_dashboard_via_api(self):
source = db.session.query(Dashboard).filter_by(slug="world_health").first()
source = db.session.query(Dashboard).filter_by(slug="world_health").first() # noqa: F405
source.roles = [self.get_role("Gamma")]
if not (published := source.published):
source.published = True # Required per the DashboardAccessFilter for RBAC.
db.session.commit()
db.session.commit() # noqa: F405
uri = f"api/v1/dashboard/{source.id}/copy/"
@@ -486,23 +487,23 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
response = json.loads(rv.data.decode("utf-8"))
target = (
db.session.query(Dashboard)
.filter(Dashboard.id == response["result"]["id"])
db.session.query(Dashboard) # noqa: F405
.filter(Dashboard.id == response["result"]["id"]) # noqa: F405
.one()
)
db.session.delete(target)
db.session.delete(target) # noqa: F405
source.roles = []
if not published:
source.published = False
db.session.commit()
db.session.commit() # noqa: F405
@with_feature_flags(DASHBOARD_RBAC=True)
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_copy_dashboard_via_dao(self):
source = db.session.query(Dashboard).filter_by(slug="world_health").first()
source = db.session.query(Dashboard).filter_by(slug="world_health").first() # noqa: F405
data = {
"dashboard_title": "copied dash",
@@ -517,12 +518,12 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
),
}
with override_user(security_manager.find_user("gamma")):
with override_user(security_manager.find_user("gamma")): # noqa: F405
with pytest.raises(DashboardForbiddenError):
DashboardDAO.copy_dashboard(source, data)
with override_user(security_manager.find_user("admin")):
with override_user(security_manager.find_user("admin")): # noqa: F405
target = DashboardDAO.copy_dashboard(source, data)
db.session.delete(target)
db.session.delete(target) # noqa: F405
db.session.commit()
db.session.commit() # noqa: F405