QT/superset2
1
0
Fork 0
mirror of https://github.com/apache/superset.git synced 2026-05-22 00:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6d691b5070aa3d032d2db72cbfe5d7c3c49b878e
superset2/superset
History
Amin Ghadersohi 6d691b5070 fix(mcp): address remaining code review findings for RBAC tool visibility 
- app.py: clarify execute_sql requires SQL Lab access (not write access)
  in both the instructions preamble and Permission Awareness section
- auth.py: add log_denial param to check_tool_permission() to suppress
  noisy WARNING logs during tools/list scanning; downgrade "No authenticated
  user found" from ERROR to DEBUG in _setup_user_context
- middleware.py: fail completely closed (return []) on credential failures
  instead of returning tools with no class_permission_name, which could
  include protect=True tools requiring auth; remove _public_tools_only helper
- server.py: catch PermissionError (invalid API key) in addition to
  ValueError in _tool_allowed_for_current_user
- tests: add tests for fail-closed branches (PermissionError, bad ValueError,
  and no-auth-configured ValueError in RBACToolVisibilityMiddleware)
2026-05-15 00:14:15 +00:00
..
advanced_data_type
chore: bump rison to 2.0.0 (#39529)
2026-04-24 15:52:42 -04:00
annotation_layers
chore: bump rison to 2.0.0 (#39529)
2026-04-24 15:52:42 -04:00
async_events
available_domains
cachekeys
charts
chore: bump rison to 2.0.0 (#39529)
2026-04-24 15:52:42 -04:00
cli
fix(re-encrypt): handle non-id PKs and make command idempotent (#40079)
2026-05-12 17:59:52 -07:00
columns
commands
fix(dashboard): use datasetUuid instead of datasetId in display controls export/import (SC-104655) (#40008)
2026-05-14 10:18:57 -07:00
common
fix(sql): quote identifiers in transpile_to_dialect to fix case-sensitive column filters (#39521)
2026-05-06 10:53:09 +03:00
connectors
fix(rls): prevent double-apply when converting physical dataset to virtual (#39725)
2026-05-14 18:05:48 +03:00
core
feat: semantic layer extension (#37815)
2026-05-05 12:07:46 -04:00
css_templates
chore: bump rison to 2.0.0 (#39529)
2026-04-24 15:52:42 -04:00
daos
feat: semantic layer extension (#37815)
2026-05-05 12:07:46 -04:00
dashboards
fix(reports): preserve urlParams in multi-tab report fan-out (#39884)
2026-05-06 16:29:45 +02:00
databases
feat: support creating datasets for schema-less databases (#39433)
2026-05-11 08:30:13 -04:00
datasets
fix(clickhouse): prevent expensive table scan (#39867)
2026-05-04 19:39:10 -04:00
datasource
feat: semantic layer extension (#37815)
2026-05-05 12:07:46 -04:00
db_engine_specs
fix(spark): register Spark SQLAlchemy dialect so spark:// URIs resolve to SparkEngineSpec (#38299)
2026-05-12 12:33:17 -04:00
distributed_lock
embedded
embedded_dashboard
examples
explorables
feat: semantic layer extension (#37815)
2026-05-05 12:07:46 -04:00
explore
extensions
fix(db): Add MariaDB DDL fix for NOCYCLE syntax (#37582)
2026-04-22 19:01:20 -04:00
importexport
fix(importexport): honor overwrite flag on /api/v1/assets/import (#39502)
2026-05-11 10:24:42 -07:00
initialization
feat: semantic layer extension (#37815)
2026-05-05 12:07:46 -04:00
key_value
mcp_service
fix(mcp): address remaining code review findings for RBAC tool visibility
2026-05-15 00:14:15 +00:00
migrations
feat: semantic layer extension (#37815)
2026-05-05 12:07:46 -04:00
models
fix(rls): prevent double-apply when converting physical dataset to virtual (#39725)
2026-05-14 18:05:48 +03:00
queries
fix(query-history): enable sorting by Duration column (#39637)
2026-04-28 08:49:58 -03:00
reports
chore: bump rison to 2.0.0 (#39529)
2026-04-24 15:52:42 -04:00
row_level_security
chore: bump rison to 2.0.0 (#39529)
2026-04-24 15:52:42 -04:00
security
feat: semantic layer extension (#37815)
2026-05-05 12:07:46 -04:00
semantic_layers
feat: semantic layer extension (#37815)
2026-05-05 12:07:46 -04:00
sql
feat(sqlglot): Vertica dialect (#39969)
2026-05-08 14:34:34 -03:00
sql_validators
feat(sqllab): syntax validation for sqlite-based DB engine specs (#38698)
2026-04-20 18:29:51 -04:00
sqllab
fix(sqllab): missing estimate action button (#40101)
2026-05-14 14:43:07 -07:00
static
tables
tags
chore: bump rison to 2.0.0 (#39529)
2026-04-24 15:52:42 -04:00
tasks
fix(OAuth2): Support OAuth2 exception with legacy endpoint (#39897)
2026-05-05 21:21:48 -03:00
templates
fix(reports): keep body sized so standalone screenshots don't time out (#39944)
2026-05-07 12:26:50 +02:00
temporary_cache
themes
chore: bump rison to 2.0.0 (#39529)
2026-04-24 15:52:42 -04:00
thumbnails
translations
fix(i18n): update Russian translations (#39589)
2026-05-06 13:05:23 -04:00
utils
fix(rls): prevent double-apply when converting physical dataset to virtual (#39725)
2026-05-14 18:05:48 +03:00
views
fix(OAuth2): Support OAuth2 exception with legacy endpoint (#39897)
2026-05-05 21:21:48 -03:00
__init__.py
app.py
fix(deploy): prevent double-prefix of logo URL in subdirectory deployments (#39472)
2026-05-11 21:13:26 -07:00
config.py
docs: Update documentation link for ENABLE_SUPERSET_META_DB (#40076)
2026-05-12 20:39:39 -07:00
constants.py
custom_database_errors.py
dataframe.py
errors.py
exceptions.py
fix(db oauth2): Improve OAuth2 flow (#39499)
2026-04-21 11:54:52 -03:00
forms.py
jinja_context.py
fix(jinja): drill-to-detail respects remove_filter=True in Jinja templates (#39594)
2026-04-23 16:11:13 -03:00
legacy.py
result_set.py
fix(SQL Lab): handle columns without names (#38986)
2026-04-06 10:09:16 -04:00
schemas.py
sql_lab.py
stats_logger.py
superset_typing.py
feat: semantic layer extension (#37815)
2026-05-05 12:07:46 -04:00
viz.py
fix(viz): flatten MultiIndex columns in Time-Series Table for multiple Group By (#37869)
2026-05-08 16:11:13 -07:00