fix: SQLLab role permissions (#14372)

* fix: SQLLab role permissions * add missing perm * fix tests * fix security test * fix security test * fix tests
2026-04-20 00:24:38 +00:00 · 2021-04-29 15:58:08 +01:00
parent 1c16261651
commit 6541a03d0b
4 changed files with 29 additions and 23 deletions
--- a/tests/databases/api_tests.py
+++ b/tests/databases/api_tests.py
@@ -614,9 +614,7 @@ class TestDatabaseApi(SupersetTestCase):
        assert rv.status_code == 200
        assert "can_read" in data["permissions"]
        assert "can_write" in data["permissions"]
-        assert "can_function_names" in data["permissions"]
-        assert "can_available" in data["permissions"]
-        assert len(data["permissions"]) == 4
+        assert len(data["permissions"]) == 2

    def test_get_invalid_database_table_metadata(self):
        """
--- a/tests/security_tests.py
+++ b/tests/security_tests.py
@@ -832,9 +832,18 @@ class TestRolePermission(SupersetTestCase):

    def test_sql_lab_permissions(self):
        sql_lab_set = get_perm_tuples("sql_lab")
-        self.assertIn(("can_sql_json", "Superset"), sql_lab_set)
        self.assertIn(("can_csv", "Superset"), sql_lab_set)
-        self.assertIn(("can_search_queries", "Superset"), sql_lab_set)
+        self.assertIn(("can_read", "Database"), sql_lab_set)
+        self.assertIn(("can_read", "SavedQuery"), sql_lab_set)
+        self.assertIn(("can_sql_json", "Superset"), sql_lab_set)
+        self.assertIn(("can_sqllab_viz", "Superset"), sql_lab_set)
+        self.assertIn(("can_sqllab_table_viz", "Superset"), sql_lab_set)
+        self.assertIn(("can_sqllab", "Superset"), sql_lab_set)
+
+        self.assertIn(("menu_access", "SQL Lab"), sql_lab_set)
+        self.assertIn(("menu_access", "SQL Editor"), sql_lab_set)
+        self.assertIn(("menu_access", "Saved Queries"), sql_lab_set)
+        self.assertIn(("menu_access", "Query Search"), sql_lab_set)

        self.assert_cannot_alpha(sql_lab_set)