Files
superset2/superset/models/user_attributes.py
2026-06-11 22:23:10 -07:00

65 lines
2.7 KiB
Python

# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
from flask_appbuilder import Model
from sqlalchemy import (
Boolean,
Column,
DateTime,
ForeignKey,
Integer,
String,
UniqueConstraint,
)
from sqlalchemy.orm import relationship
from superset import security_manager
from superset.models.helpers import AuditMixinNullable
class UserAttribute(Model, AuditMixinNullable):
"""
Custom attributes attached to the user.
Extending the user attribute is tricky due to its dependency on the
authentication type and circular dependencies in Superset. Instead, we use
a custom model for adding attributes.
"""
__tablename__ = "user_attribute"
# One attribute row per user; readers rely on ``extra_attributes[0]`` and the
# session-invalidation upsert depends on this for race safety.
__table_args__ = (UniqueConstraint("user_id", name="uq_user_attribute_user_id"),)
id = Column(Integer, primary_key=True)
user_id = Column(Integer, ForeignKey("ab_user.id"))
user = relationship(
security_manager.user_model, backref="extra_attributes", foreign_keys=[user_id]
)
welcome_dashboard_id = Column(Integer, ForeignKey("dashboards.id"))
welcome_dashboard = relationship("Dashboard")
avatar_url = Column(String(100))
# When set, any session for this user whose login predates this timestamp
# is forced to log out (see ``superset.security.session_invalidation``).
# Stamped when the account is disabled, so outstanding sessions terminate
# regardless of the session backend. NULL means "never invalidated".
sessions_invalidated_at = Column(DateTime, nullable=True, index=True)
# When True, the user must change their password before they can use the
# rest of the app (enforced by the before-request hook in
# superset.security.password_change when ENABLE_FORCE_PASSWORD_CHANGE is on).
password_must_change = Column(Boolean, nullable=False, default=False)