Commit Graph

246 Commits

Author SHA1 Message Date
Ville Brofeldt
2112fbd379 feat(subjects): add read-only Subject REST API and DAO (#41897) 2026-07-10 04:29:34 -07:00
Gabriel Torres Ruiz
1fd43ffe52 feat(mcp): scope embedded-guest data reads to the token's dashboards (#41753) 2026-07-09 14:58:01 -03:00
Ville Brofeldt
33f0fc93ed feat: introduce Subject model and entity editors/viewers (#38831) 2026-07-08 11:00:03 -07:00
Mike Bridge
04f8b700d7 feat(datasets): soft-delete and restore (#40130)
Co-authored-by: Mike Bridge <michael.bridge@ext.preset.io>
Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
2026-07-07 08:57:08 -07:00
Yuriy Krasilnikov
ab0e77c1cb fix(embedded): allow guest users to sort by visible columns (#37371)
Co-authored-by: Amin Ghadersohi <amin.ghadersohi@gmail.com>
Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
2026-07-02 15:50:56 -07:00
Evan Rusackas
adc03ce525 refactor: make import/expression layer SQLAlchemy 2.0-compatible (#41179)
Co-authored-by: Claude Code <noreply@anthropic.com>
2026-06-29 11:38:59 -07:00
Evan Rusackas
5e8a0c0244 fix(embedded): allow guest users to sort table columns in embedded dashboards (#41218)
Co-authored-by: Claude Code <noreply@anthropic.com>
2026-06-23 10:10:55 -07:00
Harshit-Tiwary
36781fbf47 fix(i18n): wrap table access error message with gettext for translation (#38489)
Co-authored-by: Evan <evan@preset.io>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-22 20:28:05 -07:00
Alexandru Soare
6d08e79259 feat(security): Add extension hooks for custom access control, ownership, and asset lifecycle (#40707) 2026-06-16 15:25:03 +03:00
Evan Rusackas
e16bb29faf fix(embedded): allow guests to apply a Time Grain native filter (#32768) (#41017)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
2026-06-15 15:22:21 -07:00
Shaitan
aa3d2b9e81 fix(dashboard): validate native-filter data requests against filter targets (#40979)
Co-authored-by: sha174n <pedro.sousa@preset.io>
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-13 19:02:28 +01:00
Evan Rusackas
814b72c6f9 feat(security): force password change on first use (opt-in) (#40669)
Co-authored-by: Claude Code <noreply@anthropic.com>
2026-06-11 22:23:10 -07:00
Evan Rusackas
663b47aa75 feat: support guest-token revocation per embedded dashboard (#40676)
Co-authored-by: Claude Code <noreply@anthropic.com>
2026-06-11 19:37:22 -07:00
Evan Rusackas
9938ee273f feat: terminate active sessions when an account is disabled (#40695)
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 19:37:13 -07:00
Evan Rusackas
5a0e3f15ca feat(embedded): add guest token revocation support (#40671)
Co-authored-by: Claude Code <noreply@anthropic.com>
2026-06-10 09:17:30 -07:00
Amin Ghadersohi
7d69f76127 fix(mcp): API key authentication for MCP — transport, validation, and RBAC (#39604) 2026-06-04 15:04:43 -04:00
Shaitan
faa76f6741 fix(embedding): add optional dataset allowlist to guest tokens (#39302)
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-03 12:55:09 +01:00
Shaitan
6eaee211aa fix(sqllab): require dataset match for raw query access (#40409)
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
2026-06-02 21:50:27 +01:00
Michael Gerber
041ecbc248 fix(embedded): resolve guest user permissions in user_view_menu_names (#39197)
Co-authored-by: Evan Rusackas <evan@preset.io>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Claude Code <noreply@anthropic.com>
2026-06-01 10:30:05 -07:00
Mike Bridge
b2320820b4 feat(core): SoftDeleteMixin and restore infrastructure (#39977)
Co-authored-by: Mike Bridge <michael.bridge@ext.preset.io>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-29 13:08:10 -07:00
Shaitan
f663f47628 fix(embedding): require non-default JWT secret when embedded dashboards are enabled (#39999)
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-28 14:26:40 -07:00
Beto Dealmeida
cb53745d43 feat: semantic layer extension (#37815) 2026-05-05 12:07:46 -04:00
Daniel Vaz Gaspar
f6c5219e89 fix(security): add UserSAMLModelView to USER_MODEL_VIEWS (#39568)
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-22 17:47:41 +01:00
Vitor Avila
c7955a38ef fix: Drill to Detail for Embedded (#39214)
Co-authored-by: Maxime Beauchemin <maximebeauchemin@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 17:01:48 -03:00
Daniel Vaz Gaspar
5815665cc6 feat: role/user CRUD events and login/logout tracking in the action log (#39121)
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 15:55:25 +01:00
Ville Brofeldt
e56f8cc4fb fix(security_manager): custom auth_view issue (#39098) 2026-04-06 09:04:59 -07:00
Mehmet Salih Yavuz
95f61bd223 fix: add parent_slice_id for multilayer charts to embed (#38243) 2026-03-12 21:21:43 +03:00
Enzo Martellucci
a17f38a4e2 fix(embedded): add CurrentUserRestApi read permission to Public role defaults (#38474) 2026-03-10 00:08:37 +01:00
Hugh A. Miles II
61fbfda501 feat(security): add granular export controls (Phase 1) (#38361) 2026-03-09 16:44:56 -04:00
Kamil Gabryjelski
3e3c9686de perf(dashboard): Batch RLS filter lookups for dashboard digest computation (#37941) 2026-02-16 21:35:55 +01:00
Alexandru Soare
9ea5ded988 fix(dashboard): Prevent fatal error when database connection is unavailable (#37576) 2026-02-06 20:52:17 -08:00
Martyn Gigg
e4f649e49c fix(superset-frontend): Fixes for broken functionality when an application root is defined (#36058) 2026-01-23 14:13:48 -08:00
Sam Firke
2c1a33fd32 fix(roles): allow Public role to read themes (#37295) 2026-01-21 10:52:42 -08:00
Evan Rusackas
5909e90081 feat(security): add built-in Public role for anonymous dashboard access (#36548)
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-05 10:27:10 -08:00
Beto Dealmeida
ecb4e483df fix: apply EXCLUDE_USERS_FROM_LISTS to /api/v1/security/users/ (#36742)
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-23 15:18:34 -08:00
Shunki
440cbc4c1f fix(roles): Add missing SQLLab permissions for estimate and format (#36263) 2025-12-08 14:40:38 -08:00
Beto Dealmeida
16e6452b8c feat: Explorable protocol (#36245) 2025-12-04 13:18:34 -05:00
Amin Ghadersohi
92d8139136 fix(security): enable AUTH_RATE_LIMITED to work correctly (#36195)
Co-authored-by: Joe Li <joe@preset.io>
2025-11-20 10:23:49 -08:00
Ville Brofeldt
c2baba50f9 chore: abstract models and daos into superset-core (#35259) 2025-11-14 17:00:44 -08:00
Beto Dealmeida
f3e620cd0f fix: RLS in virtual datasets (#36061) 2025-11-14 14:21:09 -05:00
Tran Ngoc Tuan
04b1a45416 fix(security-manager): switch from deprecated get_session to session attribute (#35290) 2025-10-03 14:47:35 -07:00
Daniel Vaz Gaspar
a9fb853e3e fix: Bump FAB to 5.X (#33055)
Co-authored-by: Joe Li <joe@preset.io>
2025-09-12 09:21:37 +01:00
Michael S. Molina
a8be5a5a0c chore: Extensions architecture POC (#31934)
Co-authored-by: Ville Brofeldt <ville.brofeldt@apple.com>
Co-authored-by: Ville Brofeldt <ville@Villes-MacBook-Pro-2024.local>
Co-authored-by: Ville Brofeldt <v_brofeldt@apple.com>
2025-08-22 21:25:52 -03:00
Michael S. Molina
e1234b2264 fix: User-provided Jinja template parameters causing SQL parsing errors (#34802) 2025-08-22 14:39:14 -03:00
Le Xich Long
6d827cf905 fix(security): grant TableSchemaView to only sql_lab role (#32340) 2025-08-12 13:45:36 -07:00
Vitor Avila
22b44421a4 fix: Fix Slice import on has_drill_by_access (#34644) 2025-08-11 19:51:15 -03:00
Vitor Avila
49689eec6c feat: Enable drilling in embedded (#34319) 2025-08-05 02:23:00 -03:00
Maxime Beauchemin
cb27d5fe8d chore: proper current_app.config proxy usage (#34345)
Co-authored-by: Claude <noreply@anthropic.com>
2025-07-31 19:27:42 -07:00
JUST.in DO IT
96cb6030c8 fix(explore): Display missing dataset for denied access (#34129) 2025-07-16 13:36:03 -07:00
Mehmet Salih Yavuz
a13a590796 feat(User Registrations): Migrate user registrations fab view (#33631) 2025-06-25 14:26:21 +02:00