QT/superset2
1
0
Fork 0
mirror of https://github.com/apache/superset.git synced 2026-04-19 16:14:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: Moves the Explore form_data endpoint (#18151)

Browse Source 
* refactor: Moves the Explore form_data endpoint

* Removes unused imports

* Fixes openapi schema error

* Fixes typo

* Renames and UPDATING.md
This commit is contained in:
Michael S. Molina
2022-01-25 11:14:50 -03:00
committed by GitHub
parent fa104fee9a
commit f018c826b8
27 changed files with 803 additions and 578 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
superset/explore/__init__.py Normal file
View File

@@ -0,0 +1,16 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.

16
superset/explore/form_data/__init__.py Normal file
View File

@@ -0,0 +1,16 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.

305
superset/explore/form_data/api.py Normal file
View File

@@ -0,0 +1,305 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
import logging
from abc import ABC
from flask import g, request, Response
from flask_appbuilder.api import BaseApi, expose, protect, safe
from marshmallow import ValidationError
from superset.charts.commands.exceptions import (
ChartAccessDeniedError,
ChartNotFoundError,
)
from superset.constants import MODEL_API_RW_METHOD_PERMISSION_MAP, RouteMethod
from superset.datasets.commands.exceptions import (
DatasetAccessDeniedError,
DatasetNotFoundError,
)
from superset.exceptions import InvalidPayloadFormatError
from superset.explore.form_data.commands.create import CreateFormDataCommand
from superset.explore.form_data.commands.delete import DeleteFormDataCommand
from superset.explore.form_data.commands.get import GetFormDataCommand
from superset.explore.form_data.commands.parameters import CommandParameters
from superset.explore.form_data.commands.update import UpdateFormDataCommand
from superset.explore.form_data.schemas import FormDataPostSchema, FormDataPutSchema
from superset.extensions import event_logger
from superset.key_value.commands.exceptions import KeyValueAccessDeniedError
logger = logging.getLogger(__name__)
class ExploreFormDataRestApi(BaseApi, ABC):
add_model_schema = FormDataPostSchema()
edit_model_schema = FormDataPutSchema()
method_permission_name = MODEL_API_RW_METHOD_PERMISSION_MAP
include_route_methods = {
RouteMethod.POST,
RouteMethod.PUT,
RouteMethod.GET,
RouteMethod.DELETE,
}
allow_browser_login = True
class_permission_name = "ExploreFormDataRestApi"
resource_name = "explore"
openapi_spec_tag = "Explore Form Data"
openapi_spec_component_schemas = (FormDataPostSchema, FormDataPutSchema)
@expose("/form_data", methods=["POST"])
@protect()
@safe
@event_logger.log_this_with_context(
action=lambda self, *args, **kwargs: f"{self.__class__.__name__}.post",
log_to_statsd=False,
)
def post(self) -> Response:
"""Stores a new form_data.
---
post:
description: >-
Stores a new form_data.
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/FormDataPostSchema'
responses:
201:
description: The form_data was stored successfully.
content:
application/json:
schema:
type: object
properties:
key:
type: string
description: The key to retrieve the form_data.
400:
$ref: '#/components/responses/400'
401:
$ref: '#/components/responses/401'
422:
$ref: '#/components/responses/422'
500:
$ref: '#/components/responses/500'
"""
if not request.is_json:
raise InvalidPayloadFormatError("Request is not JSON")
try:
item = self.add_model_schema.load(request.json)
args = CommandParameters(
actor=g.user,
dataset_id=item["dataset_id"],
chart_id=item.get("chart_id"),
form_data=item["form_data"],
)
key = CreateFormDataCommand(args).run()
return self.response(201, key=key)
except ValidationError as ex:
return self.response(400, message=ex.messages)
except (
ChartAccessDeniedError,
DatasetAccessDeniedError,
KeyValueAccessDeniedError,
) as ex:
return self.response(403, message=str(ex))
except (ChartNotFoundError, DatasetNotFoundError) as ex:
return self.response(404, message=str(ex))
@expose("/form_data/<string:key>", methods=["PUT"])
@protect()
@safe
@event_logger.log_this_with_context(
action=lambda self, *args, **kwargs: f"{self.__class__.__name__}.put",
log_to_statsd=False,
)
def put(self, key: str) -> Response:
"""Updates an existing form_data.
---
put:
description: >-
Updates an existing form_data.
parameters:
- in: path
schema:
type: string
name: key
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/FormDataPutSchema'
responses:
200:
description: The form_data was stored successfully.
content:
application/json:
schema:
type: object
properties:
message:
type: string
description: The result of the operation
400:
$ref: '#/components/responses/400'
401:
$ref: '#/components/responses/401'
404:
$ref: '#/components/responses/404'
422:
$ref: '#/components/responses/422'
500:
$ref: '#/components/responses/500'
"""
if not request.is_json:
raise InvalidPayloadFormatError("Request is not JSON")
try:
item = self.edit_model_schema.load(request.json)
args = CommandParameters(
actor=g.user,
dataset_id=item["dataset_id"],
chart_id=item.get("chart_id"),
key=key,
form_data=item["form_data"],
)
result = UpdateFormDataCommand(args).run()
if not result:
return self.response_404()
return self.response(200, message="Value updated successfully.")
except ValidationError as ex:
return self.response(400, message=ex.messages)
except (
ChartAccessDeniedError,
DatasetAccessDeniedError,
KeyValueAccessDeniedError,
) as ex:
return self.response(403, message=str(ex))
except (ChartNotFoundError, DatasetNotFoundError) as ex:
return self.response(404, message=str(ex))
@expose("/form_data/<string:key>", methods=["GET"])
@protect()
@safe
@event_logger.log_this_with_context(
action=lambda self, *args, **kwargs: f"{self.__class__.__name__}.get",
log_to_statsd=False,
)
def get(self, key: str) -> Response:
"""Retrives a form_data.
---
get:
description: >-
Retrives a form_data.
parameters:
- in: path
schema:
type: string
name: key
responses:
200:
description: Returns the stored form_data.
content:
application/json:
schema:
type: object
properties:
form_data:
type: string
description: The stored form_data
400:
$ref: '#/components/responses/400'
401:
$ref: '#/components/responses/401'
404:
$ref: '#/components/responses/404'
422:
$ref: '#/components/responses/422'
500:
$ref: '#/components/responses/500'
"""
try:
args = CommandParameters(actor=g.user, key=key)
form_data = GetFormDataCommand(args).run()
if not form_data:
return self.response_404()
return self.response(200, form_data=form_data)
except (
ChartAccessDeniedError,
DatasetAccessDeniedError,
KeyValueAccessDeniedError,
) as ex:
return self.response(403, message=str(ex))
except (ChartNotFoundError, DatasetNotFoundError) as ex:
return self.response(404, message=str(ex))
@expose("/form_data/<string:key>", methods=["DELETE"])
@protect()
@safe
@event_logger.log_this_with_context(
action=lambda self, *args, **kwargs: f"{self.__class__.__name__}.delete",
log_to_statsd=False,
)
def delete(self, key: str) -> Response:
"""Deletes a form_data.
---
delete:
description: >-
Deletes a form_data.
parameters:
- in: path
schema:
type: string
name: key
description: The form_data key.
responses:
200:
description: Deleted the stored form_data.
content:
application/json:
schema:
type: object
properties:
message:
type: string
description: The result of the operation
400:
$ref: '#/components/responses/400'
401:
$ref: '#/components/responses/401'
404:
$ref: '#/components/responses/404'
422:
$ref: '#/components/responses/422'
500:
$ref: '#/components/responses/500'
"""
try:
args = CommandParameters(actor=g.user, key=key)
result = DeleteFormDataCommand(args).run()
if not result:
return self.response_404()
return self.response(200, message="Deleted successfully")
except (
ChartAccessDeniedError,
DatasetAccessDeniedError,
KeyValueAccessDeniedError,
) as ex:
return self.response(403, message=str(ex))
except (ChartNotFoundError, DatasetNotFoundError) as ex:
return self.response(404, message=str(ex))

16
superset/explore/form_data/commands/__init__.py Normal file
View File

@@ -0,0 +1,16 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.

58
superset/explore/form_data/commands/create.py Normal file
View File

@@ -0,0 +1,58 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
import logging
from secrets import token_urlsafe
from sqlalchemy.exc import SQLAlchemyError
from superset.commands.base import BaseCommand
from superset.explore.form_data.commands.parameters import CommandParameters
from superset.explore.form_data.commands.state import TemporaryExploreState
from superset.explore.form_data.utils import check_access
from superset.extensions import cache_manager
from superset.key_value.commands.exceptions import KeyValueCreateFailedError
logger = logging.getLogger(__name__)
class CreateFormDataCommand(BaseCommand):
def __init__(self, cmd_params: CommandParameters):
self._cmd_params = cmd_params
def run(self) -> str:
try:
dataset_id = self._cmd_params.dataset_id
chart_id = self._cmd_params.chart_id
actor = self._cmd_params.actor
form_data = self._cmd_params.form_data
check_access(dataset_id, chart_id, actor)
key = token_urlsafe(48)
if form_data:
state: TemporaryExploreState = {
"owner": actor.get_user_id(),
"dataset_id": dataset_id,
"chart_id": chart_id,
"form_data": form_data,
}
cache_manager.explore_form_data_cache.set(key, state)
return key
except SQLAlchemyError as ex:
logger.exception("Error running create command")
raise KeyValueCreateFailedError() from ex
def validate(self) -> None:
pass

57
superset/explore/form_data/commands/delete.py Normal file
View File

@@ -0,0 +1,57 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
import logging
from abc import ABC
from sqlalchemy.exc import SQLAlchemyError
from superset.commands.base import BaseCommand
from superset.explore.form_data.commands.parameters import CommandParameters
from superset.explore.form_data.commands.state import TemporaryExploreState
from superset.explore.form_data.utils import check_access
from superset.extensions import cache_manager
from superset.key_value.commands.exceptions import (
KeyValueAccessDeniedError,
KeyValueDeleteFailedError,
)
logger = logging.getLogger(__name__)
class DeleteFormDataCommand(BaseCommand, ABC):
def __init__(self, cmd_params: CommandParameters):
self._cmd_params = cmd_params
def run(self) -> bool:
try:
actor = self._cmd_params.actor
key = self._cmd_params.key
state: TemporaryExploreState = cache_manager.explore_form_data_cache.get(
key
)
if state:
check_access(state["dataset_id"], state["chart_id"], actor)
if state["owner"] != actor.get_user_id():
raise KeyValueAccessDeniedError()
return cache_manager.explore_form_data_cache.delete(key)
return False
except SQLAlchemyError as ex:
logger.exception("Error running delete command")
raise KeyValueDeleteFailedError() from ex
def validate(self) -> None:
pass

58
superset/explore/form_data/commands/get.py Normal file
View File

@@ -0,0 +1,58 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
import logging
from abc import ABC
from typing import Optional
from flask import current_app as app
from sqlalchemy.exc import SQLAlchemyError
from superset.commands.base import BaseCommand
from superset.explore.form_data.commands.parameters import CommandParameters
from superset.explore.form_data.commands.state import TemporaryExploreState
from superset.explore.form_data.utils import check_access
from superset.extensions import cache_manager
from superset.key_value.commands.exceptions import KeyValueGetFailedError
logger = logging.getLogger(__name__)
class GetFormDataCommand(BaseCommand, ABC):
def __init__(self, cmd_params: CommandParameters) -> None:
self._cmd_params = cmd_params
config = app.config["EXPLORE_FORM_DATA_CACHE_CONFIG"]
self._refresh_timeout = config.get("REFRESH_TIMEOUT_ON_RETRIEVAL")
def run(self) -> Optional[str]:
try:
actor = self._cmd_params.actor
key = self._cmd_params.key
state: TemporaryExploreState = cache_manager.explore_form_data_cache.get(
key
)
if state:
check_access(state["dataset_id"], state["chart_id"], actor)
if self._refresh_timeout:
cache_manager.explore_form_data_cache.set(key, state)
return state["form_data"]
return None
except SQLAlchemyError as ex:
logger.exception("Error running get command")
raise KeyValueGetFailedError() from ex
def validate(self) -> None:
pass

29
superset/explore/form_data/commands/parameters.py Normal file
View File

@@ -0,0 +1,29 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
from dataclasses import dataclass
from typing import Optional
from flask_appbuilder.security.sqla.models import User
@dataclass
class CommandParameters:
actor: User
dataset_id: int = 0
chart_id: int = 0
key: Optional[str] = None
form_data: Optional[str] = None

26
superset/explore/form_data/commands/state.py Normal file
View File

@@ -0,0 +1,26 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
from typing import Optional
from typing_extensions import TypedDict
class TemporaryExploreState(TypedDict):
owner: int
dataset_id: int
chart_id: Optional[int]
form_data: str

69
superset/explore/form_data/commands/update.py Normal file
View File

@@ -0,0 +1,69 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
import logging
from abc import ABC
from sqlalchemy.exc import SQLAlchemyError
from superset.commands.base import BaseCommand
from superset.explore.form_data.commands.parameters import CommandParameters
from superset.explore.form_data.commands.state import TemporaryExploreState
from superset.explore.form_data.utils import check_access
from superset.extensions import cache_manager
from superset.key_value.commands.exceptions import (
KeyValueAccessDeniedError,
KeyValueUpdateFailedError,
)
logger = logging.getLogger(__name__)
class UpdateFormDataCommand(BaseCommand, ABC):
def __init__(
self, cmd_params: CommandParameters,
):
self._cmd_params = cmd_params
def run(self) -> bool:
try:
dataset_id = self._cmd_params.dataset_id
chart_id = self._cmd_params.chart_id
actor = self._cmd_params.actor
key = self._cmd_params.key
form_data = self._cmd_params.form_data
check_access(dataset_id, chart_id, actor)
state: TemporaryExploreState = cache_manager.explore_form_data_cache.get(
key
)
if state and form_data:
user_id = actor.get_user_id()
if state["owner"] != user_id:
raise KeyValueAccessDeniedError()
new_state: TemporaryExploreState = {
"owner": actor.get_user_id(),
"dataset_id": dataset_id,
"chart_id": chart_id,
"form_data": form_data,
}
return cache_manager.explore_form_data_cache.set(key, new_state)
return False
except SQLAlchemyError as ex:
logger.exception("Error running update command")
raise KeyValueUpdateFailedError() from ex
def validate(self) -> None:
pass

37
superset/explore/form_data/schemas.py Normal file
View File

@@ -0,0 +1,37 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
from marshmallow import fields, Schema
class FormDataPostSchema(Schema):
dataset_id = fields.Integer(
required=True, allow_none=False, description="The dataset ID"
)
chart_id = fields.Integer(required=False, description="The chart ID")
form_data = fields.String(
required=True, allow_none=False, description="Any type of JSON supported text."
)
class FormDataPutSchema(Schema):
dataset_id = fields.Integer(
required=True, allow_none=False, description="The dataset ID"
)
chart_id = fields.Integer(required=False, description="The chart ID")
form_data = fields.String(
required=True, allow_none=False, description="Any type of JSON supported text."
)

63
superset/explore/form_data/utils.py Normal file
View File

@@ -0,0 +1,63 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
from typing import Optional
from flask_appbuilder.security.sqla.models import User
from superset import security_manager
from superset.charts.commands.exceptions import (
ChartAccessDeniedError,
ChartNotFoundError,
)
from superset.charts.dao import ChartDAO
from superset.datasets.commands.exceptions import (
DatasetAccessDeniedError,
DatasetNotFoundError,
)
from superset.datasets.dao import DatasetDAO
from superset.views.base import is_user_admin
from superset.views.utils import is_owner
def check_dataset_access(dataset_id: int) -> Optional[bool]:
if dataset_id:
dataset = DatasetDAO.find_by_id(dataset_id)
if dataset:
can_access_datasource = security_manager.can_access_datasource(dataset)
if can_access_datasource:
return True
raise DatasetAccessDeniedError()
raise DatasetNotFoundError()
def check_access(
dataset_id: int, chart_id: Optional[int], actor: User
) -> Optional[bool]:
check_dataset_access(dataset_id)
if not chart_id:
return True
chart = ChartDAO.find_by_id(chart_id)
if chart:
can_access_chart = (
is_user_admin()
or is_owner(chart, actor)
or security_manager.can_access("can_read", "Chart")
)
if can_access_chart:
return True
raise ChartAccessDeniedError()
raise ChartNotFoundError()