feat: add permalink to dashboard and explore (#19078)

* rename key_value to temporary_cache * add migration * create new key_value package * add commands * lots of new stuff * fix schema reference * remove redundant filter state from bootstrap data * add missing license headers * fix pylint * fix dashboard permalink access * use valid json mocks for filter state tests * fix temporary cache tests * add anchors to dashboard state * lint * fix util test * fix url shortlink button tests * remove legacy shortner * remove unused imports * fix js tests * fix test * add native filter state to anchor link * add UPDATING.md section * address comments * address comments * lint * fix test * add utils tests + other test stubs * add key_value integration tests * add filter box state to permalink state * fully support persisting url parameters * lint, add redirects and a few integration tests * fix test + clean up trailing comma * fix anchor bug * change value to LargeBinary to support persisting binary values * fix urlParams type and simplify urlencode * lint * add optional entry expiration * fix incorrect chart id + add test
2026-04-19 16:14:52 +00:00 · 2022-03-17 01:15:52 +02:00
parent d01fdad1d8
commit b7a0559aaf
94 changed files with 2943 additions and 439 deletions
--- a/tests/integration_tests/dashboards/filter_state/api_tests.py
+++ b/tests/integration_tests/dashboards/filter_state/api_tests.py
@@ -23,25 +23,20 @@ from sqlalchemy.orm import Session

 from superset.dashboards.commands.exceptions import DashboardAccessDeniedError
 from superset.extensions import cache_manager
-from superset.key_value.commands.entry import Entry
-from superset.key_value.utils import cache_key
 from superset.models.dashboard import Dashboard
+from superset.temporary_cache.commands.entry import Entry
+from superset.temporary_cache.utils import cache_key
 from tests.integration_tests.base_tests import login
+from tests.integration_tests.fixtures.client import client
 from tests.integration_tests.fixtures.world_bank_dashboard import (
    load_world_bank_dashboard_with_slices,
    load_world_bank_data,
 )
 from tests.integration_tests.test_app import app

-key = "test-key"
-value = "test"
-
-
-@pytest.fixture
-def client():
-    with app.test_client() as client:
-        with app.app_context():
-            yield client
+KEY = "test-key"
+INITIAL_VALUE = json.dumps({"test": "initial value"})
+UPDATED_VALUE = json.dumps({"test": "updated value"})


@pytest.fixture
@@ -62,20 +57,20 @@ def admin_id() -> int:

@pytest.fixture(autouse=True)
 def cache(dashboard_id, admin_id):
-    entry: Entry = {"owner": admin_id, "value": value}
-    cache_manager.filter_state_cache.set(cache_key(dashboard_id, key), entry)
+    entry: Entry = {"owner": admin_id, "value": INITIAL_VALUE}
+    cache_manager.filter_state_cache.set(cache_key(dashboard_id, KEY), entry)


 def test_post(client, dashboard_id: int):
    login(client, "admin")
    payload = {
-        "value": value,
+        "value": INITIAL_VALUE,
    }
    resp = client.post(f"api/v1/dashboard/{dashboard_id}/filter_state", json=payload)
    assert resp.status_code == 201


-def test_post_bad_request(client, dashboard_id: int):
+def test_post_bad_request_non_string(client, dashboard_id: int):
    login(client, "admin")
    payload = {
        "value": 1234,
@@ -84,12 +79,21 @@ def test_post_bad_request(client, dashboard_id: int):
    assert resp.status_code == 400


+def test_post_bad_request_non_json_string(client, dashboard_id: int):
+    login(client, "admin")
+    payload = {
+        "value": "foo",
+    }
+    resp = client.post(f"api/v1/dashboard/{dashboard_id}/filter_state", json=payload)
+    assert resp.status_code == 400
+
+
@patch("superset.security.SupersetSecurityManager.raise_for_dashboard_access")
 def test_post_access_denied(mock_raise_for_dashboard_access, client, dashboard_id: int):
    login(client, "admin")
    mock_raise_for_dashboard_access.side_effect = DashboardAccessDeniedError()
    payload = {
-        "value": value,
+        "value": INITIAL_VALUE,
    }
    resp = client.post(f"api/v1/dashboard/{dashboard_id}/filter_state", json=payload)
    assert resp.status_code == 403
@@ -98,7 +102,7 @@ def test_post_access_denied(mock_raise_for_dashboard_access, client, dashboard_i
 def test_post_same_key_for_same_tab_id(client, dashboard_id: int):
    login(client, "admin")
    payload = {
-        "value": value,
+        "value": INITIAL_VALUE,
    }
    resp = client.post(
        f"api/v1/dashboard/{dashboard_id}/filter_state?tab_id=1", json=payload
@@ -116,7 +120,7 @@ def test_post_same_key_for_same_tab_id(client, dashboard_id: int):
 def test_post_different_key_for_different_tab_id(client, dashboard_id: int):
    login(client, "admin")
    payload = {
-        "value": value,
+        "value": INITIAL_VALUE,
    }
    resp = client.post(
        f"api/v1/dashboard/{dashboard_id}/filter_state?tab_id=1", json=payload
@@ -134,7 +138,7 @@ def test_post_different_key_for_different_tab_id(client, dashboard_id: int):
 def test_post_different_key_for_no_tab_id(client, dashboard_id: int):
    login(client, "admin")
    payload = {
-        "value": value,
+        "value": INITIAL_VALUE,
    }
    resp = client.post(f"api/v1/dashboard/{dashboard_id}/filter_state", json=payload)
    data = json.loads(resp.data.decode("utf-8"))
@@ -148,10 +152,10 @@ def test_post_different_key_for_no_tab_id(client, dashboard_id: int):
 def test_put(client, dashboard_id: int):
    login(client, "admin")
    payload = {
-        "value": "new value",
+        "value": UPDATED_VALUE,
    }
    resp = client.put(
-        f"api/v1/dashboard/{dashboard_id}/filter_state/{key}", json=payload
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}", json=payload
    )
    assert resp.status_code == 200

@@ -159,15 +163,15 @@ def test_put(client, dashboard_id: int):
 def test_put_same_key_for_same_tab_id(client, dashboard_id: int):
    login(client, "admin")
    payload = {
-        "value": value,
+        "value": INITIAL_VALUE,
    }
    resp = client.put(
-        f"api/v1/dashboard/{dashboard_id}/filter_state/{key}?tab_id=1", json=payload
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}?tab_id=1", json=payload
    )
    data = json.loads(resp.data.decode("utf-8"))
    first_key = data.get("key")
    resp = client.put(
-        f"api/v1/dashboard/{dashboard_id}/filter_state/{key}?tab_id=1", json=payload
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}?tab_id=1", json=payload
    )
    data = json.loads(resp.data.decode("utf-8"))
    second_key = data.get("key")
@@ -177,15 +181,15 @@ def test_put_same_key_for_same_tab_id(client, dashboard_id: int):
 def test_put_different_key_for_different_tab_id(client, dashboard_id: int):
    login(client, "admin")
    payload = {
-        "value": value,
+        "value": INITIAL_VALUE,
    }
    resp = client.put(
-        f"api/v1/dashboard/{dashboard_id}/filter_state/{key}?tab_id=1", json=payload
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}?tab_id=1", json=payload
    )
    data = json.loads(resp.data.decode("utf-8"))
    first_key = data.get("key")
    resp = client.put(
-        f"api/v1/dashboard/{dashboard_id}/filter_state/{key}?tab_id=2", json=payload
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}?tab_id=2", json=payload
    )
    data = json.loads(resp.data.decode("utf-8"))
    second_key = data.get("key")
@@ -195,28 +199,39 @@ def test_put_different_key_for_different_tab_id(client, dashboard_id: int):
 def test_put_different_key_for_no_tab_id(client, dashboard_id: int):
    login(client, "admin")
    payload = {
-        "value": value,
+        "value": INITIAL_VALUE,
    }
    resp = client.put(
-        f"api/v1/dashboard/{dashboard_id}/filter_state/{key}", json=payload
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}", json=payload
    )
    data = json.loads(resp.data.decode("utf-8"))
    first_key = data.get("key")
    resp = client.put(
-        f"api/v1/dashboard/{dashboard_id}/filter_state/{key}", json=payload
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}", json=payload
    )
    data = json.loads(resp.data.decode("utf-8"))
    second_key = data.get("key")
    assert first_key != second_key


-def test_put_bad_request(client, dashboard_id: int):
+def test_put_bad_request_non_string(client, dashboard_id: int):
    login(client, "admin")
    payload = {
        "value": 1234,
    }
    resp = client.put(
-        f"api/v1/dashboard/{dashboard_id}/filter_state/{key}", json=payload
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}", json=payload
+    )
+    assert resp.status_code == 400
+
+
+def test_put_bad_request_non_json_string(client, dashboard_id: int):
+    login(client, "admin")
+    payload = {
+        "value": "foo",
+    }
+    resp = client.put(
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}", json=payload
    )
    assert resp.status_code == 400

@@ -226,10 +241,10 @@ def test_put_access_denied(mock_raise_for_dashboard_access, client, dashboard_id
    login(client, "admin")
    mock_raise_for_dashboard_access.side_effect = DashboardAccessDeniedError()
    payload = {
-        "value": "new value",
+        "value": UPDATED_VALUE,
    }
    resp = client.put(
-        f"api/v1/dashboard/{dashboard_id}/filter_state/{key}", json=payload
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}", json=payload
    )
    assert resp.status_code == 403

@@ -237,10 +252,10 @@ def test_put_access_denied(mock_raise_for_dashboard_access, client, dashboard_id
 def test_put_not_owner(client, dashboard_id: int):
    login(client, "gamma")
    payload = {
-        "value": "new value",
+        "value": UPDATED_VALUE,
    }
    resp = client.put(
-        f"api/v1/dashboard/{dashboard_id}/filter_state/{key}", json=payload
+        f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}", json=payload
    )
    assert resp.status_code == 403

@@ -253,29 +268,29 @@ def test_get_key_not_found(client, dashboard_id: int):

 def test_get_dashboard_not_found(client):
    login(client, "admin")
-    resp = client.get(f"api/v1/dashboard/{-1}/filter_state/{key}")
+    resp = client.get(f"api/v1/dashboard/{-1}/filter_state/{KEY}")
    assert resp.status_code == 404


 def test_get(client, dashboard_id: int):
    login(client, "admin")
-    resp = client.get(f"api/v1/dashboard/{dashboard_id}/filter_state/{key}")
+    resp = client.get(f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}")
    assert resp.status_code == 200
    data = json.loads(resp.data.decode("utf-8"))
-    assert value == data.get("value")
+    assert INITIAL_VALUE == data.get("value")


@patch("superset.security.SupersetSecurityManager.raise_for_dashboard_access")
 def test_get_access_denied(mock_raise_for_dashboard_access, client, dashboard_id):
    login(client, "admin")
    mock_raise_for_dashboard_access.side_effect = DashboardAccessDeniedError()
-    resp = client.get(f"api/v1/dashboard/{dashboard_id}/filter_state/{key}")
+    resp = client.get(f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}")
    assert resp.status_code == 403


 def test_delete(client, dashboard_id: int):
    login(client, "admin")
-    resp = client.delete(f"api/v1/dashboard/{dashboard_id}/filter_state/{key}")
+    resp = client.delete(f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}")
    assert resp.status_code == 200


@@ -285,11 +300,11 @@ def test_delete_access_denied(
 ):
    login(client, "admin")
    mock_raise_for_dashboard_access.side_effect = DashboardAccessDeniedError()
-    resp = client.delete(f"api/v1/dashboard/{dashboard_id}/filter_state/{key}")
+    resp = client.delete(f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}")
    assert resp.status_code == 403


 def test_delete_not_owner(client, dashboard_id: int):
    login(client, "gamma")
-    resp = client.delete(f"api/v1/dashboard/{dashboard_id}/filter_state/{key}")
+    resp = client.delete(f"api/v1/dashboard/{dashboard_id}/filter_state/{KEY}")
    assert resp.status_code == 403
--- a/tests/integration_tests/dashboards/permalink/init.py
+++ b/tests/integration_tests/dashboards/permalink/init.py
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
--- a/tests/integration_tests/dashboards/permalink/api_tests.py
+++ b/tests/integration_tests/dashboards/permalink/api_tests.py
@@ -0,0 +1,90 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+import json
+from unittest.mock import patch
+
+import pytest
+from flask_appbuilder.security.sqla.models import User
+from sqlalchemy.orm import Session
+
+from superset import db
+from superset.dashboards.commands.exceptions import DashboardAccessDeniedError
+from superset.key_value.models import KeyValueEntry
+from superset.models.dashboard import Dashboard
+from superset.models.slice import Slice
+from tests.integration_tests.base_tests import login
+from tests.integration_tests.fixtures.client import client
+from tests.integration_tests.fixtures.world_bank_dashboard import (
+    load_world_bank_dashboard_with_slices,
+    load_world_bank_data,
+)
+from tests.integration_tests.test_app import app
+
+STATE = {
+    "filterState": {"FILTER_1": "foo",},
+    "hash": "my-anchor",
+}
+
+
+@pytest.fixture
+def dashboard_id(load_world_bank_dashboard_with_slices) -> int:
+    with app.app_context() as ctx:
+        session: Session = ctx.app.appbuilder.get_session
+        dashboard = session.query(Dashboard).filter_by(slug="world_health").one()
+        return dashboard.id
+
+
+def test_post(client, dashboard_id: int):
+    login(client, "admin")
+    resp = client.post(f"api/v1/dashboard/{dashboard_id}/permalink", json=STATE)
+    assert resp.status_code == 201
+    data = json.loads(resp.data.decode("utf-8"))
+    key = data["key"]
+    url = data["url"]
+    assert key in url
+    db.session.query(KeyValueEntry).filter_by(uuid=key).delete()
+    db.session.commit()
+
+
+@patch("superset.security.SupersetSecurityManager.raise_for_dashboard_access")
+def test_post_access_denied(mock_raise_for_dashboard_access, client, dashboard_id: int):
+    login(client, "admin")
+    mock_raise_for_dashboard_access.side_effect = DashboardAccessDeniedError()
+    resp = client.post(f"api/v1/dashboard/{dashboard_id}/permalink", json=STATE)
+    assert resp.status_code == 403
+
+
+def test_post_invalid_schema(client, dashboard_id: int):
+    login(client, "admin")
+    resp = client.post(
+        f"api/v1/dashboard/{dashboard_id}/permalink", json={"foo": "bar"}
+    )
+    assert resp.status_code == 400
+
+
+def test_get(client, dashboard_id: int):
+    login(client, "admin")
+    resp = client.post(f"api/v1/dashboard/{dashboard_id}/permalink", json=STATE)
+    data = json.loads(resp.data.decode("utf-8"))
+    key = data["key"]
+    resp = client.get(f"api/v1/dashboard/permalink/{key}")
+    assert resp.status_code == 200
+    result = json.loads(resp.data.decode("utf-8"))
+    assert result["dashboardId"] == str(dashboard_id)
+    assert result["state"] == STATE
+    db.session.query(KeyValueEntry).filter_by(uuid=key).delete()
+    db.session.commit()