feat(file uploads): List only allowed schemas in the file uploads dialog (#32702)

2026-04-20 00:24:38 +00:00 · 2025-03-17 23:36:16 -03:00
parent 4adf44a43c
commit e35145c816
5 changed files with 110 additions and 5 deletions
--- a/superset/databases/api.py
+++ b/superset/databases/api.py
@@ -776,18 +776,35 @@ class DatabaseRestApi(BaseSupersetModelRestApi):
        if not database:
            return self.response_404()
        try:
-            catalog = kwargs["rison"].get("catalog")
+            params = kwargs["rison"]
+            catalog = params.get("catalog")
            schemas = database.get_all_schema_names(
                catalog=catalog,
                cache=database.schema_cache_enabled,
                cache_timeout=database.schema_cache_timeout or None,
-                force=kwargs["rison"].get("force", False),
+                force=params.get("force", False),
            )
            schemas = security_manager.get_schemas_accessible_by_user(
                database,
                catalog,
                schemas,
            )
+            if params.get("upload_allowed"):
+                if not database.allow_file_upload:
+                    return self.response(200, result=[])
+                if allowed_schemas := database.get_schema_access_for_file_upload():
+                    # some databases might return the list of schemas in uppercase,
+                    # while the list of allowed schemas is manually inputted so
+                    # could be lowercase
+                    allowed_schemas = {schema.lower() for schema in allowed_schemas}
+                    return self.response(
+                        200,
+                        result=[
+                            schema
+                            for schema in schemas
+                            if schema.lower() in allowed_schemas
+                        ],
+                    )
            return self.response(200, result=list(schemas))
        except OperationalError:
            return self.response(
--- a/superset/databases/schemas.py
+++ b/superset/databases/schemas.py
@@ -64,6 +64,7 @@ database_schemas_query_schema = {
    "type": "object",
    "properties": {
        "force": {"type": "boolean"},
+        "upload_allowed": {"type": "boolean"},
        "catalog": {"type": "string"},
    },
 }