fix: Bump FAB to 5.X (#33055)

Co-authored-by: Joe Li <joe@preset.io>
2026-04-19 08:04:53 +00:00 · 2025-09-12 09:21:37 +01:00
parent dea9068647
commit a9fb853e3e
27 changed files with 100 additions and 327 deletions
--- a/tests/integration_tests/base_api_tests.py
+++ b/tests/integration_tests/base_api_tests.py
@@ -55,10 +55,10 @@ class Model1Api(BaseSupersetModelRestApi):
    }


-appbuilder.add_api(Model1Api)
-
-
 class TestOpenApiSpec(SupersetTestCase):
+    def setUp(self) -> None:
+        appbuilder.add_api(Model1Api)
+
    def test_open_api_spec(self):
        """
        API: Test validate OpenAPI spec
--- a/tests/integration_tests/dashboards/dashboard_test_utils.py
+++ b/tests/integration_tests/dashboards/dashboard_test_utils.py
@@ -29,7 +29,7 @@ from tests.integration_tests.dashboards.consts import DEFAULT_DASHBOARD_SLUG_TO_

 logger = logging.getLogger(__name__)

-session = appbuilder.get_session
+session = appbuilder.session


 def get_mock_positions(dashboard: Dashboard) -> dict[str, Any]:
--- a/tests/integration_tests/dynamic_plugins_tests.py
+++ b/tests/integration_tests/dynamic_plugins_tests.py
@@ -26,7 +26,7 @@ class TestDynamicPlugins(SupersetTestCase):
        Dynamic Plugins: Responds not found when disabled
        """
        self.login(ADMIN_USERNAME)
-        uri = "/dynamic-plugins/api"
+        uri = "/dynamic-plugins/list/"
        rv = self.client.get(uri)
        assert rv.status_code == 404

@@ -36,6 +36,6 @@ class TestDynamicPlugins(SupersetTestCase):
        Dynamic Plugins: Responds successfully when enabled
        """
        self.login(ADMIN_USERNAME)
-        uri = "/dynamic-plugins/api"
+        uri = "/dynamic-plugins/list/"
        rv = self.client.get(uri)
        assert rv.status_code == 200
--- a/tests/integration_tests/fixtures/users.py
+++ b/tests/integration_tests/fixtures/users.py
@@ -49,9 +49,9 @@ def create_user_and_group(


 def cleanup(user, group):
-    security_manager.get_session.delete(user)
-    security_manager.get_session.delete(group)
-    security_manager.get_session.commit()
+    security_manager.session.delete(user)
+    security_manager.session.delete(group)
+    security_manager.session.commit()


@pytest.fixture
--- a/tests/integration_tests/queries/api_tests.py
+++ b/tests/integration_tests/queries/api_tests.py
@@ -18,7 +18,6 @@
 """Unit tests for Superset"""

 from datetime import datetime, timedelta
-from unittest import mock
 import random
 import string

@@ -453,21 +452,13 @@ class TestQueryApi(SupersetTestCase):
        db.session.delete(updated_query)
        db.session.commit()

-    @mock.patch("superset.sql_lab.cancel_query")
-    @mock.patch("superset.views.core.db.session")
-    def test_stop_query_not_found(
-        self, mock_superset_db_session, mock_sql_lab_cancel_query
-    ):
+    def test_stop_query_not_found(self):
        """
        Handles stop query when the DB engine spec does not
        have a cancel query method (with invalid client_id).
        """
        form_data = {"client_id": "foo2"}
-        query_mock = mock.Mock()
-        query_mock.return_value = None
        self.login(ADMIN_USERNAME)
-        mock_superset_db_session.query().filter_by().one_or_none = query_mock
-        mock_sql_lab_cancel_query.return_value = True
        rv = self.client.post(
            "/api/v1/query/stop",
            data=json.dumps(form_data),
@@ -478,22 +469,25 @@ class TestQueryApi(SupersetTestCase):
        data = json.loads(rv.data.decode("utf-8"))
        assert data["message"] == "Query with client_id foo2 not found"

-    @mock.patch("superset.sql_lab.cancel_query")
-    @mock.patch("superset.views.core.db.session")
-    def test_stop_query(self, mock_superset_db_session, mock_sql_lab_cancel_query):
+    # @mock.patch("superset.sql_lab.cancel_query")
+    def test_stop_query(self):
        """
        Handles stop query when the DB engine spec does not
        have a cancel query method.
        """
        form_data = {"client_id": "foo"}
-        query_mock = mock.Mock()
-        query_mock.client_id = "foo"
-        query_mock.status = QueryStatus.RUNNING
-        self.login(ADMIN_USERNAME)
-        mock_superset_db_session.query().filter_by().one_or_none().return_value = (
-            query_mock
+        admin = self.get_user("admin")
+        example_db = get_example_database()
+        query1 = self.insert_query(
+            example_db.id,
+            admin.id,
+            form_data["client_id"],
+            sql="SELECT col1, col2 from table1",
+            select_sql="SELECT col1, col2 from table1",
+            executed_sql="SELECT col1, col2 from table1 LIMIT 100",
+            changed_on=datetime.utcnow() - timedelta(days=1),
        )
-        mock_sql_lab_cancel_query.return_value = True
+        self.login(ADMIN_USERNAME)
        rv = self.client.post(
            "/api/v1/query/stop",
            data=json.dumps(form_data),
@@ -503,3 +497,5 @@ class TestQueryApi(SupersetTestCase):
        assert rv.status_code == 200
        data = json.loads(rv.data.decode("utf-8"))
        assert data["result"] == "OK"
+        db.session.delete(query1)
+        db.session.commit()
--- a/tests/integration_tests/security_tests.py
+++ b/tests/integration_tests/security_tests.py
@@ -1959,13 +1959,11 @@ class TestSecurityManager(SupersetTestCase):

 class TestDatasources(SupersetTestCase):
    @patch("superset.security.SupersetSecurityManager.can_access_database")
-    @patch("superset.security.SupersetSecurityManager.get_session")
-    def test_get_user_datasources_admin(
-        self, mock_get_session, mock_can_access_database
-    ):
+    @patch("superset.security.SupersetSecurityManager.session")
+    def test_get_user_datasources_admin(self, mock_session, mock_can_access_database):
        Datasource = namedtuple("Datasource", ["database", "schema", "name"])
        mock_can_access_database.return_value = True
-        mock_get_session.query.return_value.filter.return_value.all.return_value = []
+        mock_session.query.return_value.filter.return_value.all.return_value = []

        with mock.patch.object(
            SqlaTable, "get_all_datasources"
@@ -1984,13 +1982,11 @@ class TestDatasources(SupersetTestCase):
                ]

    @patch("superset.security.SupersetSecurityManager.can_access_database")
-    @patch("superset.security.SupersetSecurityManager.get_session")
-    def test_get_user_datasources_gamma(
-        self, mock_get_session, mock_can_access_database
-    ):
+    @patch("superset.security.SupersetSecurityManager.session")
+    def test_get_user_datasources_gamma(self, mock_session, mock_can_access_database):
        Datasource = namedtuple("Datasource", ["database", "schema", "name"])
        mock_can_access_database.return_value = False
-        mock_get_session.query.return_value.filter.return_value.all.return_value = []
+        mock_session.query.return_value.filter.return_value.all.return_value = []

        with mock.patch.object(
            SqlaTable, "get_all_datasources"
@@ -2005,14 +2001,14 @@ class TestDatasources(SupersetTestCase):
                assert datasources == []

    @patch("superset.security.SupersetSecurityManager.can_access_database")
-    @patch("superset.security.SupersetSecurityManager.get_session")
+    @patch("superset.security.SupersetSecurityManager.session")
    def test_get_user_datasources_gamma_with_schema(
-        self, mock_get_session, mock_can_access_database
+        self, mock_session, mock_can_access_database
    ):
        Datasource = namedtuple("Datasource", ["database", "schema", "name"])
        mock_can_access_database.return_value = False

-        mock_get_session.query.return_value.filter.return_value.all.return_value = [
+        mock_session.query.return_value.filter.return_value.all.return_value = [
            Datasource("database1", "schema1", "table1"),
            Datasource("database1", "schema1", "table2"),
        ]
--- a/tests/unit_tests/conftest.py
+++ b/tests/unit_tests/conftest.py
@@ -54,7 +54,7 @@ def get_session(mocker: MockerFixture) -> Callable[[], Session]:

        # patch session
        get_session = mocker.patch(
-            "superset.security.SupersetSecurityManager.get_session",
+            "superset.security.SupersetSecurityManager.session",
        )
        get_session.return_value = in_memory_session
        # FAB calls get_session.get_bind() to get a handler to the engine
--- a/tests/unit_tests/databases/api_test.py
+++ b/tests/unit_tests/databases/api_test.py
@@ -67,7 +67,7 @@ def test_filter_by_uuid(
    from superset.databases.api import DatabaseRestApi
    from superset.models.core import Database

-    DatabaseRestApi.datamodel.session = session
+    DatabaseRestApi.datamodel._session = session

    # create table for databases
    Database.metadata.create_all(session.get_bind())  # pylint: disable=no-member
@@ -135,7 +135,7 @@ def test_password_mask(
    from superset.databases.api import DatabaseRestApi
    from superset.models.core import Database

-    DatabaseRestApi.datamodel.session = session
+    DatabaseRestApi.datamodel._session = session

    # create table for databases
    Database.metadata.create_all(session.get_bind())  # pylint: disable=no-member
@@ -191,7 +191,7 @@ def test_database_connection(
    from superset.databases.api import DatabaseRestApi
    from superset.models.core import Database

-    DatabaseRestApi.datamodel.session = session
+    DatabaseRestApi.datamodel._session = session

    # create table for databases
    Database.metadata.create_all(session.get_bind())  # pylint: disable=no-member
@@ -355,7 +355,7 @@ def test_update_with_password_mask(
    from superset.databases.api import DatabaseRestApi
    from superset.models.core import Database

-    DatabaseRestApi.datamodel.session = session
+    DatabaseRestApi.datamodel._session = session

    # create table for databases
    Database.metadata.create_all(session.get_bind())  # pylint: disable=no-member
@@ -502,7 +502,7 @@ def test_delete_ssh_tunnel(
        from superset.databases.ssh_tunnel.models import SSHTunnel
        from superset.models.core import Database

-        DatabaseRestApi.datamodel.session = session
+        DatabaseRestApi.datamodel._session = session

        # create table for databases
        Database.metadata.create_all(session.get_bind())  # pylint: disable=no-member
@@ -580,7 +580,7 @@ def test_delete_ssh_tunnel_not_found(
        from superset.databases.ssh_tunnel.models import SSHTunnel
        from superset.models.core import Database

-        DatabaseRestApi.datamodel.session = session
+        DatabaseRestApi.datamodel._session = session

        # create table for databases
        Database.metadata.create_all(session.get_bind())  # pylint: disable=no-member
@@ -658,7 +658,7 @@ def test_apply_dynamic_database_filter(
        from superset.databases.api import DatabaseRestApi
        from superset.models.core import Database

-        DatabaseRestApi.datamodel.session = session
+        DatabaseRestApi.datamodel._session = session

        # create table for databases
        Database.metadata.create_all(session.get_bind())  # pylint: disable=no-member
@@ -753,7 +753,7 @@ def test_oauth2_happy_path(
    from superset.databases.api import DatabaseRestApi
    from superset.models.core import Database, DatabaseUserOAuth2Tokens

-    DatabaseRestApi.datamodel.session = session
+    DatabaseRestApi.datamodel._session = session

    # create table for databases
    Database.metadata.create_all(session.get_bind())  # pylint: disable=no-member
@@ -822,7 +822,7 @@ def test_oauth2_permissions(
    from superset.databases.api import DatabaseRestApi
    from superset.models.core import Database, DatabaseUserOAuth2Tokens

-    DatabaseRestApi.datamodel.session = session
+    DatabaseRestApi.datamodel._session = session

    # create table for databases
    Database.metadata.create_all(session.get_bind())  # pylint: disable=no-member
@@ -888,7 +888,7 @@ def test_oauth2_multiple_tokens(
    from superset.databases.api import DatabaseRestApi
    from superset.models.core import Database, DatabaseUserOAuth2Tokens

-    DatabaseRestApi.datamodel.session = session
+    DatabaseRestApi.datamodel._session = session

    # create table for databases
    Database.metadata.create_all(session.get_bind())  # pylint: disable=no-member
--- a/tests/unit_tests/security/manager_test.py
+++ b/tests/unit_tests/security/manager_test.py
@@ -450,7 +450,7 @@ def test_raise_for_access_chart_for_datasource_permission(
    when the user does not have access to the chart datasource
    """
    sm = SupersetSecurityManager(appbuilder)
-    session = sm.get_session
+    session = sm.session

    engine = session.get_bind()
    Slice.metadata.create_all(engine)  # pylint: disable=no-member
@@ -510,7 +510,7 @@ def test_raise_for_access_chart_on_admin(
    from superset.utils.core import override_user

    sm = SupersetSecurityManager(appbuilder)
-    session = sm.get_session
+    session = sm.session

    engine = session.get_bind()
    Slice.metadata.create_all(engine)  # pylint: disable=no-member
@@ -547,7 +547,7 @@ def test_raise_for_access_chart_owner(
    when the user does not have access to the chart datasource
    """
    sm = SupersetSecurityManager(appbuilder)
-    session = sm.get_session
+    session = sm.session

    engine = session.get_bind()
    Slice.metadata.create_all(engine)  # pylint: disable=no-member