diff --git a/superset/jinja_context.py b/superset/jinja_context.py index dc9411030e5..15b8d0495a1 100644 --- a/superset/jinja_context.py +++ b/superset/jinja_context.py @@ -122,13 +122,13 @@ class ExtraCache: # be added to the cache key. regex = re.compile( r"(\{\{|\{%)[^{}]*?(" - r"current_user_id\([^()]*\)|" - r"current_username\([^()]*\)|" - r"current_user_email\([^()]*\)|" - r"current_user_rls_rules\([^()]*\)|" - r"current_user_roles\([^()]*\)|" - r"cache_key_wrapper\([^()]*\)|" - r"url_param\([^()]*\)" + r"current_user_id\([^)]*\)|" + r"current_username\([^)]*\)|" + r"current_user_email\([^)]*\)|" + r"current_user_rls_rules\([^)]*\)|" + r"current_user_roles\([^)]*\)|" + r"cache_key_wrapper\([^)]*\)|" + r"url_param\([^)]*\)" r")" r"[^{}]*?(\}\}|\%\})" ) diff --git a/tests/unit_tests/jinja_context_test.py b/tests/unit_tests/jinja_context_test.py index 929c470b315..9ba84315fac 100644 --- a/tests/unit_tests/jinja_context_test.py +++ b/tests/unit_tests/jinja_context_test.py @@ -1693,3 +1693,24 @@ def test_undefined_template_variable_not_function(mocker: MockerFixture) -> None template = "SELECT {{ undefined_variable.some_method() }}" with pytest.raises(UndefinedError): processor.process_template(template) + + +@pytest.mark.parametrize( + ("sql", "expected"), + [ + ("SELECT {{ cache_key_wrapper(abc) }}", True), + ("SELECT {{ cache_key_wrapper(myfunc()) }}", True), + ("SELECT {{ url_param('foo') }}", True), + ("SELECT {{ url_param(get_param('foo')) }}", True), + ("SELECT {{ current_user_id() }}", True), + ("SELECT {{ current_username() }}", True), + ("SELECT {{ current_user_email() }}", True), + ("SELECT {{ current_user_roles() }}", True), + ("SELECT {{ current_user_rls_rules() }}", True), + ("SELECT 'cache_key_wrapper(abc)' AS false_positive", False), + ("SELECT 1", False), + ("SELECT '{{ 1 + 1 }}'", False), + ], +) +def test_extra_cache_regex(sql: str, expected: bool) -> None: + assert bool(ExtraCache.regex.search(sql)) is expected