mirror of
https://github.com/apache/superset.git
synced 2026-04-19 16:14:52 +00:00
fix(temporary-cache): when user is anonymous (#20181)
* fix(temporary-cache): fail on anonymous user * make exceptions generic * fix test * remove redundant bool return * fix unit tests
This commit is contained in:
Ville Brofeldt
@@ -24,20 +24,11 @@ from flask import g, request, Response
|
||||
from flask_appbuilder.api import BaseApi
|
||||
from marshmallow import ValidationError
|
||||
|
||||
from superset.charts.commands.exceptions import (
|
||||
ChartAccessDeniedError,
|
||||
ChartNotFoundError,
|
||||
)
|
||||
from superset.constants import MODEL_API_RW_METHOD_PERMISSION_MAP, RouteMethod
|
||||
from superset.dashboards.commands.exceptions import (
|
||||
DashboardAccessDeniedError,
|
||||
DashboardNotFoundError,
|
||||
from superset.temporary_cache.commands.exceptions import (
|
||||
TemporaryCacheAccessDeniedError,
|
||||
TemporaryCacheResourceNotFoundError,
|
||||
)
|
||||
from superset.datasets.commands.exceptions import (
|
||||
DatasetAccessDeniedError,
|
||||
DatasetNotFoundError,
|
||||
)
|
||||
from superset.temporary_cache.commands.exceptions import TemporaryCacheAccessDeniedError
|
||||
from superset.temporary_cache.commands.parameters import CommandParameters
|
||||
from superset.temporary_cache.schemas import (
|
||||
TemporaryCachePostSchema,
|
||||
@@ -86,14 +77,9 @@ class TemporaryCacheRestApi(BaseApi, ABC):
|
||||
return self.response(201, key=key)
|
||||
except ValidationError as ex:
|
||||
return self.response(400, message=ex.messages)
|
||||
except (
|
||||
ChartAccessDeniedError,
|
||||
DashboardAccessDeniedError,
|
||||
DatasetAccessDeniedError,
|
||||
TemporaryCacheAccessDeniedError,
|
||||
) as ex:
|
||||
except TemporaryCacheAccessDeniedError as ex:
|
||||
return self.response(403, message=str(ex))
|
||||
except (ChartNotFoundError, DashboardNotFoundError, DatasetNotFoundError) as ex:
|
||||
except TemporaryCacheResourceNotFoundError as ex:
|
||||
return self.response(404, message=str(ex))
|
||||
|
||||
@requires_json
|
||||
@@ -112,14 +98,9 @@ class TemporaryCacheRestApi(BaseApi, ABC):
|
||||
return self.response(200, key=key)
|
||||
except ValidationError as ex:
|
||||
return self.response(400, message=ex.messages)
|
||||
except (
|
||||
ChartAccessDeniedError,
|
||||
DashboardAccessDeniedError,
|
||||
DatasetAccessDeniedError,
|
||||
TemporaryCacheAccessDeniedError,
|
||||
) as ex:
|
||||
except TemporaryCacheAccessDeniedError as ex:
|
||||
return self.response(403, message=str(ex))
|
||||
except (ChartNotFoundError, DashboardNotFoundError, DatasetNotFoundError) as ex:
|
||||
except TemporaryCacheResourceNotFoundError as ex:
|
||||
return self.response(404, message=str(ex))
|
||||
|
||||
def get(self, pk: int, key: str) -> Response:
|
||||
@@ -129,14 +110,9 @@ class TemporaryCacheRestApi(BaseApi, ABC):
|
||||
if not value:
|
||||
return self.response_404()
|
||||
return self.response(200, value=value)
|
||||
except (
|
||||
ChartAccessDeniedError,
|
||||
DashboardAccessDeniedError,
|
||||
DatasetAccessDeniedError,
|
||||
TemporaryCacheAccessDeniedError,
|
||||
) as ex:
|
||||
except TemporaryCacheAccessDeniedError as ex:
|
||||
return self.response(403, message=str(ex))
|
||||
except (ChartNotFoundError, DashboardNotFoundError, DatasetNotFoundError) as ex:
|
||||
except TemporaryCacheResourceNotFoundError as ex:
|
||||
return self.response(404, message=str(ex))
|
||||
|
||||
def delete(self, pk: int, key: str) -> Response:
|
||||
@@ -146,14 +122,9 @@ class TemporaryCacheRestApi(BaseApi, ABC):
|
||||
if not result:
|
||||
return self.response_404()
|
||||
return self.response(200, message="Deleted successfully")
|
||||
except (
|
||||
ChartAccessDeniedError,
|
||||
DashboardAccessDeniedError,
|
||||
DatasetAccessDeniedError,
|
||||
TemporaryCacheAccessDeniedError,
|
||||
) as ex:
|
||||
except TemporaryCacheAccessDeniedError as ex:
|
||||
return self.response(403, message=str(ex))
|
||||
except (ChartNotFoundError, DashboardNotFoundError, DatasetNotFoundError) as ex:
|
||||
except TemporaryCacheResourceNotFoundError as ex:
|
||||
return self.response(404, message=str(ex))
|
||||
|
||||
@abstractmethod
|
||||
|
||||
@@ -14,9 +14,11 @@
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
from typing import Optional
|
||||
|
||||
from typing_extensions import TypedDict
|
||||
|
||||
|
||||
class Entry(TypedDict):
|
||||
owner: int
|
||||
owner: Optional[int]
|
||||
value: str
|
||||
|
||||
@@ -43,3 +43,7 @@ class TemporaryCacheUpdateFailedError(UpdateFailedError):
|
||||
|
||||
class TemporaryCacheAccessDeniedError(ForbiddenError):
|
||||
message = _("You don't have permission to modify the value.")
|
||||
|
||||
|
||||
class TemporaryCacheResourceNotFoundError(ForbiddenError):
|
||||
message = _("Resource was not found.")
|
||||
|
||||
Reference in New Issue
Block a user