feat(annotations): security permissions simplification (#12014)

* Changed security permissions for annotations and annotation layers * Updated permissions in annotation layers list * Created test for retrieving premissions info. Updated uris from f-strings to strings * Updated annotations in security_tests and added annotations to NEW_SECURITY_CONVERGE_VIEWS * Added migration for annotations security converge * Updated current revision after rebase master * Updated migration name to annotations security converge * Updated annotations permissions names in AnnotationLayersList and updated test since 'can_write' has wider permissions * Updated annotations migration to current
2026-04-19 08:04:53 +00:00 · 2020-12-16 10:08:06 +01:00
parent 0ee03ae440
commit 9c8b65d03f
8 changed files with 124 additions and 15 deletions
--- a/tests/security_tests.py
+++ b/tests/security_tests.py
@@ -48,7 +48,7 @@ from .dashboard_utils import (
 from .fixtures.energy_dashboard import load_energy_table_with_slice
 from .fixtures.unicode_dashboard import load_unicode_dashboard_with_slice

-NEW_SECURITY_CONVERGE_VIEWS = ("CssTemplate", "SavedQuery", "Chart")
+NEW_SECURITY_CONVERGE_VIEWS = ("CssTemplate", "SavedQuery", "Chart", "Annotation")


 def get_perm_tuples(role_name):
@@ -672,7 +672,7 @@ class TestRolePermission(SupersetTestCase):
        self.assert_can_menu("Dashboards", perm_set)

    def assert_can_alpha(self, perm_set):
-        self.assert_can_all("AnnotationLayerModelView", perm_set)
+        self.assert_can_all("Annotation", perm_set)
        self.assert_can_all("CssTemplate", perm_set)
        self.assert_can_all("TableModelView", perm_set)
        self.assert_can_read("QueryView", perm_set)