Evan Rusackas
8799a1b93d
fix(i18n): derive language pack context from the built payload, allowlist the script route
...
Fixes the three real CI failures:
- unit-tests: get_spa_template_context called common_bootstrap_payload()
a second time just to derive the language pack context, which requires
user/auth request state that tests mocking get_spa_payload don't set
up. get_language_pack_template_context now takes the already-built
common payload dict, so template context and payload can't diverge
and the theme-helper tests pass unchanged.
- test-sqlite/mysql/postgres: register the deliberately-unauthenticated
language_pack_script route in test_views_are_secured's allowlist with
its justification (static public catalog data, must load for
anonymous principals).
- lint-frontend: type the preamble test fixture as LanguagePack
(plural_forms was missing) via a type-only import that the jest
module mock doesn't affect.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com >
2026-07-10 14:23:39 -07:00
Ville Brofeldt
33f0fc93ed
feat: introduce Subject model and entity editors/viewers ( #38831 )
2026-07-08 11:00:03 -07:00
Mike Bridge
04f8b700d7
feat(datasets): soft-delete and restore ( #40130 )
...
Co-authored-by: Mike Bridge <michael.bridge@ext.preset.io >
Co-authored-by: Claude Fable 5 <noreply@anthropic.com >
2026-07-07 08:57:08 -07:00
Joe Li
bed1034c2f
refactor(frontend): centralize subdirectory URL prefixing behind nav helpers ( #39925 )
...
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
Co-authored-by: Evan <evan@preset.io >
2026-07-01 11:20:13 -07:00
Shaitan
6eaee211aa
fix(sqllab): require dataset match for raw query access ( #40409 )
...
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com >
2026-06-02 21:50:27 +01:00
Beto Dealmeida
edf4d03218
chore: bump rison to 2.0.0 ( #39529 )
2026-04-24 15:52:42 -04:00
Vitor Avila
c7955a38ef
fix: Drill to Detail for Embedded ( #39214 )
...
Co-authored-by: Maxime Beauchemin <maximebeauchemin@gmail.com >
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-04-09 17:01:48 -03:00
Hugh A. Miles II
61fbfda501
feat(security): add granular export controls (Phase 1) ( #38361 )
2026-03-09 16:44:56 -04:00
Beto Dealmeida
03ad1789f0
feat(alerts/reports): external URL warning ( #35021 )
2026-03-06 11:57:03 -05:00
Amin Ghadersohi
0ecc69d2f1
chore(deps): bump fastmcp from 2.14.0 to 2.14.3 ( #37410 )
2026-01-24 07:03:00 -08:00
Evan Rusackas
5909e90081
feat(security): add built-in Public role for anonymous dashboard access ( #36548 )
...
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-05 10:27:10 -08:00
Shunki
440cbc4c1f
fix(roles): Add missing SQLLab permissions for estimate and format ( #36263 )
2025-12-08 14:40:38 -08:00
Daniel Vaz Gaspar
a9fb853e3e
fix: Bump FAB to 5.X ( #33055 )
...
Co-authored-by: Joe Li <joe@preset.io >
2025-09-12 09:21:37 +01:00
Le Xich Long
6d827cf905
fix(security): grant TableSchemaView to only sql_lab role ( #32340 )
2025-08-12 13:45:36 -07:00
Maxime Beauchemin
cb27d5fe8d
chore: proper current_app.config proxy usage ( #34345 )
...
Co-authored-by: Claude <noreply@anthropic.com >
2025-07-31 19:27:42 -07:00
Mehmet Salih Yavuz
a13a590796
feat(User Registrations): Migrate user registrations fab view ( #33631 )
2025-06-25 14:26:21 +02:00
Maxime Beauchemin
dd129fa403
feat(theming): land Ant Design v5 overhaul — dynamic themes, real dark mode + massive styling refactor ( #31590 )
...
Co-authored-by: Enzo Martellucci <52219496+EnxDev@users.noreply.github.com >
Co-authored-by: Diego Pucci <diegopucci.me@gmail.com >
Co-authored-by: Mehmet Salih Yavuz <salih.yavuz@proton.me >
Co-authored-by: Geido <60598000+geido@users.noreply.github.com >
Co-authored-by: Alexandru Soare <37236580+alexandrusoare@users.noreply.github.com >
Co-authored-by: Damian Pendrak <dpendrak@gmail.com >
Co-authored-by: Pius Iniobong <67148161+payose@users.noreply.github.com >
Co-authored-by: Enzo Martellucci <enzomartellucci@gmail.com >
Co-authored-by: Kamil Gabryjelski <kamil.gabryjelski@gmail.com >
2025-06-20 13:38:58 -07:00
Beto Dealmeida
a26e1d822a
chore: remove sqlparse ( #33564 )
2025-06-04 19:31:41 -04:00
Enzo Martellucci
20519158d2
feat(UserInfo): Migrate User Info FAB to React ( #33620 )
2025-06-03 19:24:22 +02:00
Jillian
93fa39a14f
fix(lang): patch FAB's LocaleView to redirect to previous page ( #31692 )
2025-04-15 09:46:06 -07:00
Daniel Vaz Gaspar
15cf06699a
feat: security, user group support ( #32121 )
2025-03-04 09:54:12 +00:00
Levis Mbote
2c37ddb2f6
fix(roles): Add SqlLabPermalinkRestApi as default sqlab roles. ( #32284 )
2025-02-21 15:42:35 -07:00
Daniel Vaz Gaspar
1b375b715c
refactor: upload data unification, less permissions and less endpoints ( #31959 )
2025-01-28 11:09:55 +00:00
Maxime Beauchemin
e51b95ffa8
chore: enforce more ruff rules ( #31447 )
...
Co-authored-by: Elizabeth Thompson <eschutho@gmail.com >
2024-12-18 17:41:34 -08:00
Maxime Beauchemin
a849c29288
chore: enable lint PT009 'use regular assert over self.assert.*' ( #30521 )
2024-10-07 13:17:27 -07:00
Beto Dealmeida
39209c2b40
fix: handle empty catalog when DB supports them ( #29840 )
2024-08-13 10:08:43 -04:00
Eyal Ezer
07b2449bd7
refactor: Unify all json.(loads|dumps) usage to utils.json ( #28702 )
...
Co-authored-by: Eyal Ezer <eyal.ezer@ge.com >
2024-05-28 14:17:41 -07:00
Beto Dealmeida
e90246fd1f
feat(SIP-95): permissions for catalogs ( #28317 )
2024-05-06 11:41:58 -04:00
Maxime Beauchemin
513852b7c3
fix: all_database_access should enable access to all datasets/charts/dashboards ( #28205 )
2024-05-02 09:25:14 -07:00
Maxime Beauchemin
2d63722150
chore: set up ruff as a new linter/formatter ( #28158 )
2024-04-24 17:19:53 -07:00
Maxime Beauchemin
e9c0ca545f
feat: Slack Avatar integration ( #27849 )
2024-04-16 08:40:27 -07:00
Daniel Vaz Gaspar
54387b4589
feat: new CSV upload form and API ( #27840 )
2024-04-15 09:38:51 +01:00
John Bodley
481a63da55
chore(tests): Remove ineffectual login ( #27149 )
2024-04-09 09:52:02 -07:00
Beto Dealmeida
9022f5c519
feat(SIP-85): OAuth2 for databases ( #27631 )
2024-04-02 22:05:33 -04:00
Michael S. Molina
8a46694ce9
fix: Missing SQL Lab permission ( #27361 )
2024-03-01 13:08:39 -05:00
John Bodley
8749d9f386
chore(tests): Remove unnecessary explicit Flask-SQLAlchemy session expunges ( #27136 )
2024-02-17 07:05:22 +13:00
Daniel Vaz Gaspar
c96e38c07c
fix: removes old deprecated sqllab endpoints ( #27117 )
2024-02-15 15:58:48 +00:00
John Bodley
847ed3f5b0
refactor: Ensure Flask framework leverages the Flask-SQLAlchemy session (Phase II) ( #26909 )
2024-02-14 06:20:15 +13:00
Geido
595c6ce3e6
chore: Add granular permissions for actions in Dashboard ( #27029 )
2024-02-09 16:25:32 +02:00
Geido
6c029ce2e8
chore: Add permission to view and drill on Dashboard context ( #26798 )
2024-01-29 18:28:10 +01:00
Michael S. Molina
f63e66be01
refactor: Removes the deprecated VERSIONED_EXPORT feature flag ( #26347 )
2024-01-19 15:21:14 -03:00
John Bodley
df79522160
refactor: Ensure Flask framework leverages the Flask-SQLAlchemy session ( #26200 )
2024-01-18 08:27:29 +13:00
Daniel Vaz Gaspar
8e19f59dd2
fix: create virtual dataset validation ( #26625 )
2024-01-17 09:11:15 +00:00
Jack Fragassi
2b8d8da22a
fix: Allow embedded guest user datasource access with dashboard context ( #25081 )
2023-08-28 09:48:21 -07:00
Lily Kuang
6ac906f388
chore: remove CssTemplate and Annotation access from gamma role ( #24826 )
2023-08-24 16:39:56 -07:00
John Bodley
60889d27ed
fix: Native filter dashboard RBAC aware dataset permission ( #25029 )
2023-08-22 09:58:43 -07:00
John Bodley
3f93755be2
fix: Address regression introduced in #24789 ( #25008 )
2023-08-18 09:27:34 -07:00
John Bodley
7397ab36f2
fix: Dashboard aware RBAC dataset permission ( #24789 )
2023-08-04 11:53:34 -07:00
John Bodley
1b5a6790f0
chore: Remove obsolete legacy visualizations ( #24694 )
2023-07-18 08:17:52 -07:00
John Bodley
3e76736874
chore(dao): Organize DAOs according to SIP-92 ( #24331 )
...
Co-authored-by: JUST.in DO IT <justin.park@airbnb.com >
2023-06-18 18:32:32 -07:00