chore(security): Renaming access methods (#10031)

Co-authored-by: John Bodley <john.bodley@airbnb.com>
2026-04-21 00:54:44 +00:00 · 2020-06-11 13:12:23 -07:00
parent 54c6ddbdb7
commit 9532bff48f
14 changed files with 76 additions and 85 deletions
--- a/superset/views/database/decorators.py
+++ b/superset/views/database/decorators.py
@@ -50,9 +50,8 @@ def check_datasource_access(f: Callable[..., Any]) -> Callable[..., Any]:
                f"database_not_found_{self.__class__.__name__}.select_star"
            )
            return self.response_404()
-        # Check that the user can access the datasource
-        if not self.appbuilder.sm.can_access_datasource(
-            database, Table(table_name_parsed, schema_name_parsed), schema_name_parsed
+        if not self.appbuilder.sm.can_access_table(
+            database, Table(table_name_parsed, schema_name_parsed),
        ):
            self.stats_logger.incr(
                f"permisssion_denied_{self.__class__.__name__}.select_star"
--- a/superset/views/database/filters.py
+++ b/superset/views/database/filters.py
@@ -32,7 +32,7 @@ class DatabaseFilter(BaseFilter):
        }

    def apply(self, query: Query, value: Any) -> Query:
-        if security_manager.all_database_access():
+        if security_manager.can_access_all_databases():
            return query
        database_perms = security_manager.user_view_menu_names("database_access")
        # TODO(bogdan): consider adding datasource access here as well.
--- a/superset/views/database/forms.py
+++ b/superset/views/database/forms.py
@@ -70,10 +70,7 @@ class CsvToDatabaseForm(DynamicForm):
                b) if database supports schema
                    user is able to upload to schema in schemas_allowed_for_csv_upload
        """
-        if (
-            security_manager.database_access(database)
-            or security_manager.all_datasource_access()
-        ):
+        if security_manager.can_access_database(database):
            return True
        schemas = database.get_schema_access_for_csv_upload()
        if schemas and security_manager.get_schemas_accessible_by_user(
--- a/superset/views/database/validators.py
+++ b/superset/views/database/validators.py
@@ -50,7 +50,4 @@ def schema_allows_csv_upload(database: Database, schema: Optional[str]) -> bool:
    schemas = database.get_schema_access_for_csv_upload()
    if schemas:
        return schema in schemas
-    return (
-        security_manager.database_access(database)
-        or security_manager.all_datasource_access()
-    )
+    return security_manager.can_access_database(database)