QT/superset2
1
0
Fork 0
mirror of https://github.com/apache/superset.git synced 2026-04-20 16:44:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: RLS for SQL Lab (#19999)

Browse Source 
* feat: RLS for SQL Lab

* Small fixes

* Pass username to security manager

* Update docstrings

* Add tests

* Remove type from docstring
This commit is contained in:
Beto Dealmeida
2022-05-12 11:03:01 -07:00
committed by GitHub
parent ded9122ceb
commit f2881e5bbd
8 changed files with 329 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
superset/sql_parse.py
View File

@@ -553,6 +553,7 @@ def get_rls_for_table(
candidate: Token,
database_id: int,
default_schema: Optional[str],
username: Optional[str] = None,
) -> Optional[TokenList]:
"""
Given a table name, return any associated RLS predicates.
@@ -585,7 +586,7 @@ def get_rls_for_table(
template_processor = dataset.get_template_processor()
predicate = " AND ".join(
str(filter_)
for filter_ in dataset.get_sqla_row_level_filters(template_processor)
for filter_ in dataset.get_sqla_row_level_filters(template_processor, username)
)
if not predicate:
return None
@@ -600,6 +601,7 @@ def insert_rls(
token_list: TokenList,
database_id: int,
default_schema: Optional[str],
username: Optional[str] = None,
) -> TokenList:
"""
Update a statement inplace applying any associated RLS predicates.
@@ -621,7 +623,7 @@ def insert_rls(
elif state == InsertRLSState.SEEN_SOURCE and (
isinstance(token, Identifier) or token.ttype == Keyword
):
rls = get_rls_for_table(token, database_id, default_schema)
rls = get_rls_for_table(token, database_id, default_schema, username)
if rls:
state = InsertRLSState.FOUND_TABLE