* Require the SQLAlchemy URI when creating a database
* Add migration to make dbs.sqlalchemy_uri not-nullable
* Fixes for black, isort, tests
* Alter migration to use current revision from master as downgrade target
* Update tests to support new db constraint
* black
* re-enable pylint for superset/config.py
* re-enable pylint on superset/migrations/env.py
* re-enable pylint for superset/legacy.py
* re-enable pylint for superset/forms.py
* re-enable pylint for superset/stats_logger.py
* Tweaks to make mypy and pylint happy
* black
* Build support for schema access in Superset and SQLab
* Lint
* Test for old and new flask
* Black formatting
* Cleanup modified files
* Support schema permissions
* Add migration
* Make it work for slices as well
* TODO and remove unused field
* Apply schema access check to dashboards as well
Cleaner schema permissions check
Fetch schema permissions in 1 query
Bugfix
Better datasource check
Use security manager for permissions checks and remove dead code
Properly handle anon user
Add database permissions on the database updates
Fix schema filtering
Lint / flake changes
Increase cypress request timeout
Run black
Resolve multiple alembic heads
* Use set comprehensions
* Fixes for the pylint
* Fix column type on dbs.encrypted_extra
* Add instructions for testing migration downgrades
* Account for non-Postgres DBs in migration
* Use batch_alter_table to make SQLite happy
* Another CI-appeasing tweak
* Typo fix in CONTRIBUTING.md
* Alter references to config.get('FOO') to use preferred config['FOO']
* Set missing configuration constants in superset/config.py
* Misc. CI fixes
* Add type annotation for FEATURE_FLATGS
* chore: deprecate restricted metrics
An early community contribution added the concept of restricted metrics.
The idea was to allow for some metrics to be restricted, and if a metric
was tagged as such, a user would need to be given access to that metric
more explicitely, through a special perm we would maintain for that
metric.
Now since the new concept of "Adhoc Metrics", the popover that lets a
user pick a column and an aggregate function or to write their own SQL
expression inline, this restriction is completely bypassed. Adhoc
metrics was developed without the restricted metrics in mind.
Anyhow, in the near future, we'll be rethinking the ideas behind
data-access permissions, and things like column-level or row-level
security will be redesigned from scratch.
By deprecating this feature, we're removing a confusing and mostly broken
feature, and making it easy to move forward
* Use context manager to drop columns
* disable jest's maxWorkers
1. remove duplicated entries in many-to-many relation tbl dashboard_slices
2. add unique constraint on tbl
3. update the model to include the uniqueness constraint
* Allow users to publish dashboards
* Rework publish dashboards feature
- The eye next to the title has been replaced with a [draft] badge
- Published status is now toggled in the Header Action Dropdown
- CRUD list shows published status
* Fix linter errors
* Update javascript tests
* Add tests and change DashboardFilter
Add some tests to make sure the published status is rendered and
Make it so that users cannot see dashboards that are published
if they don't have access to any of the slices within
* Fix some linter errors
* Remove commas from core.py
* Fix some failing tests
* More linter errors I introduced
* Fix more linter errors I introduced
* update alembic migration
* Update design of publish dash feature
* Upgrade migration version
* Secure publish endpoint
* Remove bad quotes
* Give publish span its own style
* fix publish rendering
* Add new test for publish feature
* Update migration
* update slug in test
* Update migration
* Address reviwer comments
* Fix linter errors
* Add licenses
* Remove fetchPublished(), use bootstrap data
* Update migration
* Update croniter to existing version
* Fix linter errors
* Upgrade DB Revisions
* Fix flake8 linter error
* Set all dashboards to published on migration
* Migration proper line spacing
* Fix migration to work with postgres
* UPDATE statement works with postgresql and sqlite hopefully
* Update wording to kick off travis
* [migration] Fixing issue with fb13d49b72f9 downgrade
This PR fixes an issue with the downgrade step of migration fb13d49b72f9 which wrongfully labeled the field `metrics` rather than `metric`.
to: @graceguo-supercat @michellethomas @mistercrunch
* Update fb13d49b72f9_better_filters.py
* Add HTTP Basic Auth for Druid (Issue #4776)
This should resolve [Issue #4776](https://github.com/apache/incubator-superset/issues/4776)
Add HTTP Basic Auth to the Druid Broker.
Signed-off-by: Don Bowman <don@agilicus.com>
* Encrypt broker password in database
Signed-off-by: Don Bowman <don@agilicus.com>
* Merge from master, new migration needed
Signed-off-by: Don Bowman <don@agilicus.com>
* Do not expose hashed druid basic auth password
* docs: add description_columns for druid basic auth
* Bump sqla to >=1.3.1
* Refine mssql column types to only use N-prefixing when necessary
* make join explicit
* replace set with list
* Add additional test case for N-prefix
* Replace engine with dialect and fix linting error
* Remove unneeded import
This PR removes the iteration over charts, dashboards and saved queries to create tags in the original migration, leaving only the logic to create the tags and the tagged objects tables.
Tested locally by running `superset db downgrade` to revert to the previous migration and then running `superset db upgrade` to the current version.
This PR introduces the backend changes for a tagging system for Superset, allowing dashboards, charts and queries to be tagged. It also allows searching for a given tag, and will be the basis for a new landing page (see #5327).
# Implicit tags
Dashboard, chart and (saved) queries have implicit tags related to their owners, types and favorites. For example, all objects owned by the admin have the tag `owner:1`. All charts have the tag `type:chart`. Objects favorited by the admin have the tag `favorited_by:1`.
These tags are automatically added by a migration script, and kept in sync through SQLAlchemy event listeners. They are currently not surfaced to the user, but can be searched for. For example, it's possible to search for `owner:1` in the welcome page to see all objects owned by the admin, or even search for `owner:{{ current_user_id() }}`.
* Revert "creating new circular-json safe stringify and replacing one call (#6772)"
This reverts commit 11a7ad00b7.
* Revert "Improve Unicode support for MSSQL (#6690)"
This reverts commit c44ae612df.
* Revert "Fix uniqueness constraints on tables table (#6718)"
This reverts commit c4fb7a0a87.
Summary: Superset code enforces (in Table crud view pre_add) that the
table is unique within <database, schema, table_name). Indeed in commit
15b67b2c6c (in 2016), the model was
updated to reflect that. However, it was never ported over to a
migration.
I am fixing that in this diff. I am choosing to make this be a new
migration instead of fixing an existing one since I want to fix existing
installations also cleanly.
I also considered removing the uniqueness constraint, but that won't
work: First because anyway there are other places where the <database,
schema, table> uniqueness is enforced in code. But also, the .sql field
isn't a first citizen yet: The schema of the table is picked up from the
table-name and the sql part is only used when creating the explore
query. So indeed we want this uniqueness constraint. (Also it breaks the
unit tests in dict_import_export_tests.py)
[Perhaps it can be removed when we have true .sql support, but for now
the user would have to create a database view and he can use that as the
'table name'. That way he gets schema inference also]
Also added INFO logging to the alembic migration.
* Add licenses
* More licenses
* Ignore messages.json as they are generated
* More licenses
* Also typescript
* Fix alignment
* Add to svg
* Many more licenses
* more licenses
* Better excludes
* Add licenses to docs and md files
* Pre-finalize licenses
* Fix newlines
* Finalize all sourde licenses
* Fix lint
