diff --git a/tests/integration_tests/charts/data/api_tests.py b/tests/integration_tests/charts/data/api_tests.py index b53e3b18d65..f02b62af75f 100644 --- a/tests/integration_tests/charts/data/api_tests.py +++ b/tests/integration_tests/charts/data/api_tests.py @@ -995,12 +995,12 @@ def physical_query_context(physical_dataset) -> Dict[str, Any]: }, }, ) -def test_cache_default_timeout(test_client, login_as_admin, physical_query_context): +def test_cache_default_timeout(login_as_admin, physical_query_context): rv = test_client.post(CHART_DATA_URI, json=physical_query_context) assert rv.json["result"][0]["cache_timeout"] == 1234 -def test_custom_cache_timeout(test_client, login_as_admin, physical_query_context): +def test_custom_cache_timeout(login_as_admin, physical_query_context): physical_query_context["custom_cache_timeout"] = 5678 rv = test_client.post(CHART_DATA_URI, json=physical_query_context) assert rv.json["result"][0]["cache_timeout"] == 5678 @@ -1018,7 +1018,6 @@ def test_custom_cache_timeout(test_client, login_as_admin, physical_query_contex }, ) def test_data_cache_default_timeout( - test_client, login_as_admin, physical_query_context, ): @@ -1027,7 +1026,6 @@ def test_data_cache_default_timeout( def test_chart_cache_timeout( - test_client, login_as_admin, physical_query_context, load_energy_table_with_slice: List[Slice], @@ -1064,9 +1062,7 @@ def test_chart_cache_timeout( }, }, ) -def test_chart_cache_timeout_not_present( - test_client, login_as_admin, physical_query_context -): +def test_chart_cache_timeout_not_present(login_as_admin, physical_query_context): # should use datasource cache, if it's present datasource: SqlaTable = ( @@ -1092,9 +1088,7 @@ def test_chart_cache_timeout_not_present( }, }, ) -def test_chart_cache_timeout_chart_not_found( - test_client, login_as_admin, physical_query_context -): +def test_chart_cache_timeout_chart_not_found(login_as_admin, physical_query_context): # should use default timeout physical_query_context["form_data"] = {"slice_id": 0} @@ -1115,7 +1109,6 @@ def test_chart_cache_timeout_chart_not_found( @with_feature_flags(ALLOW_ADHOC_SUBQUERY=False) @pytest.mark.usefixtures("load_birth_names_dashboard_with_slices") def test_chart_data_subquery_not_allowed( - test_client, login_as_admin, physical_dataset, physical_query_context, @@ -1140,7 +1133,6 @@ def test_chart_data_subquery_not_allowed( @with_feature_flags(ALLOW_ADHOC_SUBQUERY=True) @pytest.mark.usefixtures("load_birth_names_dashboard_with_slices") def test_chart_data_subquery_allowed( - test_client, login_as_admin, physical_dataset, physical_query_context, diff --git a/tests/unit_tests/conftest.py b/tests/unit_tests/conftest.py index 86fb0127b84..bba43caaaf9 100644 --- a/tests/unit_tests/conftest.py +++ b/tests/unit_tests/conftest.py @@ -25,6 +25,7 @@ from sqlalchemy import create_engine from sqlalchemy.orm import sessionmaker from sqlalchemy.orm.session import Session +from superset import security_manager from superset.app import SupersetApp from superset.extensions import appbuilder from superset.initialization import SupersetAppInitializer @@ -101,3 +102,20 @@ def app_context(app: SupersetApp) -> Iterator[None]: """ with app.app_context(): yield + + +@pytest.fixture +def full_api_access(mocker: MockFixture) -> Iterator[None]: + """ + Allow full access to the API. + TODO (betodealmeida): we should replace this with user-fixtures, eg, ``admin`` or + ``gamma``, so that we have granular access to the APIs. + """ + mocker.patch( + "flask_appbuilder.security.decorators.verify_jwt_in_request", + return_value=True, + ) + mocker.patch.object(security_manager, "has_access", return_value=True) + mocker.patch.object(security_manager, "can_access_all_databases", return_value=True) + + yield diff --git a/tests/unit_tests/databases/api_test.py b/tests/unit_tests/databases/api_test.py index d6f8897c4a0..2d20e5346f4 100644 --- a/tests/unit_tests/databases/api_test.py +++ b/tests/unit_tests/databases/api_test.py @@ -17,147 +17,10 @@ # pylint: disable=unused-argument, import-outside-toplevel, line-too-long -import json from io import BytesIO from typing import Any -from uuid import UUID import pytest -from pytest_mock import MockFixture -from sqlalchemy.orm.session import Session - - -def test_post_with_uuid( - session: Session, - client: Any, - full_api_access: None, -) -> None: - """ - Test that we can set the database UUID when creating it. - """ - from superset.models.core import Database - - # create table for databases - Database.metadata.create_all(session.get_bind()) # pylint: disable=no-member - - response = client.post( - "/api/v1/database/", - json={ - "database_name": "my_db", - "sqlalchemy_uri": "sqlite://", - "uuid": "7c1b7880-a59d-47cd-8bf1-f1eb8d2863cb", - }, - ) - assert response.status_code == 201 - - database = session.query(Database).one() - assert database.uuid == UUID("7c1b7880-a59d-47cd-8bf1-f1eb8d2863cb") - - -def test_password_mask( - mocker: MockFixture, - app: Any, - session: Session, - client: Any, - full_api_access: None, -) -> None: - """ - Test that sensitive information is masked. - """ - from superset.databases.api import DatabaseRestApi - from superset.models.core import Database - - DatabaseRestApi.datamodel.session = session - - # create table for databases - Database.metadata.create_all(session.get_bind()) # pylint: disable=no-member - - database = Database( - database_name="my_database", - sqlalchemy_uri="gsheets://", - encrypted_extra=json.dumps( - { - "service_account_info": { - "type": "service_account", - "project_id": "black-sanctum-314419", - "private_key_id": "259b0d419a8f840056158763ff54d8b08f7b8173", - "private_key": "SECRET", - "client_email": "google-spreadsheets-demo-servi@black-sanctum-314419.iam.gserviceaccount.com", - "client_id": "114567578578109757129", - "auth_uri": "https://accounts.google.com/o/oauth2/auth", - "token_uri": "https://oauth2.googleapis.com/token", - "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", - "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/google-spreadsheets-demo-servi%40black-sanctum-314419.iam.gserviceaccount.com", - }, - } - ), - ) - session.add(database) - session.commit() - - # mock the lookup so that we don't need to include the driver - mocker.patch("sqlalchemy.engine.URL.get_driver_name", return_value="gsheets") - mocker.patch("superset.utils.log.DBEventLogger.log") - - response = client.get("/api/v1/database/1") - assert ( - response.json["result"]["parameters"]["service_account_info"]["private_key"] - == "XXXXXXXXXX" - ) - assert "encrypted_extra" not in response.json["result"] - - -@pytest.mark.skip(reason="Works locally but fails on CI") -def test_update_with_password_mask( - app: Any, - session: Session, - client: Any, - full_api_access: None, -) -> None: - """ - Test that an update with a masked password doesn't overwrite the existing password. - """ - from superset.databases.api import DatabaseRestApi - from superset.models.core import Database - - DatabaseRestApi.datamodel.session = session - - # create table for databases - Database.metadata.create_all(session.get_bind()) # pylint: disable=no-member - - database = Database( - database_name="my_database", - sqlalchemy_uri="gsheets://", - encrypted_extra=json.dumps( - { - "service_account_info": { - "project_id": "black-sanctum-314419", - "private_key": "SECRET", - }, - } - ), - ) - session.add(database) - session.commit() - - client.put( - "/api/v1/database/1", - json={ - "encrypted_extra": json.dumps( - { - "service_account_info": { - "project_id": "yellow-unicorn-314419", - "private_key": "XXXXXXXXXX", - }, - } - ), - }, - ) - database = session.query(Database).one() - assert ( - database.encrypted_extra - == '{"service_account_info": {"project_id": "yellow-unicorn-314419", "private_key": "SECRET"}}' - ) def test_non_zip_import(client: Any, full_api_access: None) -> None: