fix: create permissions on DB import (#29802)

This commit is contained in:
Beto Dealmeida
2024-08-06 12:09:21 -04:00
committed by GitHub
parent 1c3ef01209
commit 61c0970968
18 changed files with 273 additions and 87 deletions

View File

@@ -178,7 +178,12 @@ def test_rename_with_catalog(
DatabaseDAO.find_by_id.return_value = original_database
database_with_catalog.database_name = "my_other_db"
DatabaseDAO.update.return_value = database_with_catalog
DatabaseDAO.get_datasets.return_value = []
dataset = mocker.MagicMock()
chart = mocker.MagicMock()
DatabaseDAO.get_datasets.return_value = [dataset]
DatasetDAO = mocker.patch("superset.commands.database.update.DatasetDAO")
DatasetDAO.get_related_objects.return_value = {"charts": [chart]}
find_permission_view_menu = mocker.patch.object(
security_manager,
@@ -218,6 +223,11 @@ def test_rename_with_catalog(
assert catalog2_pvm.view_menu.name == "[my_other_db].[catalog2]"
assert catalog2_schema3_pvm.view_menu.name == "[my_other_db].[catalog2].[schema3]"
assert dataset.catalog_perm == "[my_other_db].[catalog2]"
assert dataset.schema_perm == "[my_other_db].[catalog2].[schema4]"
assert chart.catalog_perm == "[my_other_db].[catalog2]"
assert chart.schema_perm == "[my_other_db].[catalog2].[schema4]"
def test_rename_without_catalog(
mocker: MockerFixture,

View File

@@ -23,6 +23,7 @@ from pytest_mock import MockerFixture
from sqlalchemy.orm.session import Session
from superset import db
from superset.commands.database.importers.v1.utils import add_permissions
from superset.commands.exceptions import ImportFailedError
from superset.utils import json
@@ -37,6 +38,7 @@ def test_import_database(mocker: MockerFixture, session: Session) -> None:
from tests.integration_tests.fixtures.importexport import database_config
mocker.patch.object(security_manager, "can_access", return_value=True)
mocker.patch("superset.commands.database.importers.v1.utils.add_permissions")
engine = db.session.get_bind()
Database.metadata.create_all(engine) # pylint: disable=no-member
@@ -44,7 +46,7 @@ def test_import_database(mocker: MockerFixture, session: Session) -> None:
config = copy.deepcopy(database_config)
database = import_database(config)
assert database.database_name == "imported_database"
assert database.sqlalchemy_uri == "someengine://user:pass@host1"
assert database.sqlalchemy_uri == "postgresql://user:pass@host1"
assert database.cache_timeout is None
assert database.expose_in_sqllab is True
assert database.allow_run_async is False
@@ -108,6 +110,7 @@ def test_import_database_managed_externally(
from tests.integration_tests.fixtures.importexport import database_config
mocker.patch.object(security_manager, "can_access", return_value=True)
mocker.patch("superset.commands.database.importers.v1.utils.add_permissions")
engine = db.session.get_bind()
Database.metadata.create_all(engine) # pylint: disable=no-member
@@ -158,6 +161,7 @@ def test_import_database_with_version(mocker: MockerFixture, session: Session) -
from tests.integration_tests.fixtures.importexport import database_config
mocker.patch.object(security_manager, "can_access", return_value=True)
mocker.patch("superset.commands.database.importers.v1.utils.add_permissions")
engine = db.session.get_bind()
Database.metadata.create_all(engine) # pylint: disable=no-member
@@ -166,3 +170,30 @@ def test_import_database_with_version(mocker: MockerFixture, session: Session) -
config["extra"]["version"] = "1.1.1"
database = import_database(config)
assert json.loads(database.extra)["version"] == "1.1.1"
def test_add_permissions(mocker: MockerFixture) -> None:
"""
Test adding permissions to a database when it's imported.
"""
database = mocker.MagicMock()
database.database_name = "my_db"
database.db_engine_spec.supports_catalog = True
database.get_all_catalog_names.return_value = ["catalog1", "catalog2"]
database.get_all_schema_names.side_effect = [["schema1"], ["schema2"]]
ssh_tunnel = mocker.MagicMock()
add_permission_view_menu = mocker.patch(
"superset.commands.database.importers.v1.utils.security_manager."
"add_permission_view_menu"
)
add_permissions(database, ssh_tunnel)
add_permission_view_menu.assert_has_calls(
[
mocker.call("catalog_access", "[my_db].[catalog1]"),
mocker.call("catalog_access", "[my_db].[catalog2]"),
mocker.call("schema_access", "[my_db].[catalog1].[schema1]"),
mocker.call("schema_access", "[my_db].[catalog2].[schema2]"),
]
)