mirror of
https://github.com/apache/superset.git
synced 2026-04-18 07:35:09 +00:00
dee16de03e
* Support and apply filters. * Added the UI for row level security, and moved it all under SQLA in order to access the Table model more easily. * Added a row level security filter documentation entry. * Accidentally added two new lines to this file. * Blacked and iSorted, hopefully. Also, sometimes g.user may not be set. * Another isort, and handling g not having a user attribute another way. * Let's try this again #CI tests. * Adjusted import order for isort; I was sure I'd already done this.. * Row level filters should be wrapped in parentheses in case one contains an OR. * Oops, did not think that would change Black's formatting. * Changes as per @mistercrunch. * RLS filters are now many-to-many with Roles. * Updated documentation to reflect RLS filters supporting multiple rows. * Let's see what happens when I set it to the previous revision ID * Updated from upstream. * There was a pylint error. * Added RLS ids to the cache keys; modified documentation; added template processing to RLS filters. * A new migration was merged in. * Removed RLS cache key from query_object. * RLS added to the cache_key from query_context. * Changes as per @etr2460. * Updating entry for RLS pull request. * Another migration to skip. * Changes as per @serenajiang. * Blacked. * Blacked and added some attributes to check for. * Changed to a manual query as per @mistercrunch. * Blacked. * Another migration in the meantime. * Black wanted some whitespace changes. * AttributeError: 'AnonymousUserMixin' object has no attribute 'id'. * Oops, did hasattr backwards. * Changes as per @mistercrunch. * Doesn't look like text us required here anymore. * Changes as per @dpgaspar * Two RLS tests. * Row level security is now disabled by default via the feature flag ENABLE_ROW_LEVEL_SECURITY. * New head to revise. * Changed the comment.
62 lines
2.3 KiB
Python
62 lines
2.3 KiB
Python
# Licensed to the Apache Software Foundation (ASF) under one
|
|
# or more contributor license agreements. See the NOTICE file
|
|
# distributed with this work for additional information
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
# to you under the Apache License, Version 2.0 (the
|
|
# "License"); you may not use this file except in compliance
|
|
# with the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing,
|
|
# software distributed under the License is distributed on an
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
# KIND, either express or implied. See the License for the
|
|
# specific language governing permissions and limitations
|
|
# under the License.
|
|
"""add_role_level_security
|
|
|
|
Revision ID: 0a6f12f60c73
|
|
Revises: 3325d4caccc8
|
|
Create Date: 2019-12-04 17:07:54.390805
|
|
|
|
"""
|
|
|
|
# revision identifiers, used by Alembic.
|
|
revision = "0a6f12f60c73"
|
|
down_revision = "3325d4caccc8"
|
|
|
|
import sqlalchemy as sa
|
|
from alembic import op
|
|
|
|
|
|
def upgrade():
|
|
op.create_table(
|
|
"row_level_security_filters",
|
|
sa.Column("created_on", sa.DateTime(), nullable=True),
|
|
sa.Column("changed_on", sa.DateTime(), nullable=True),
|
|
sa.Column("id", sa.Integer(), nullable=False),
|
|
sa.Column("table_id", sa.Integer(), nullable=False),
|
|
sa.Column("clause", sa.Text(), nullable=False),
|
|
sa.Column("created_by_fk", sa.Integer(), nullable=True),
|
|
sa.Column("changed_by_fk", sa.Integer(), nullable=True),
|
|
sa.ForeignKeyConstraint(["changed_by_fk"], ["ab_user.id"]),
|
|
sa.ForeignKeyConstraint(["created_by_fk"], ["ab_user.id"]),
|
|
sa.ForeignKeyConstraint(["table_id"], ["tables.id"]),
|
|
sa.PrimaryKeyConstraint("id"),
|
|
)
|
|
op.create_table(
|
|
"rls_filter_roles",
|
|
sa.Column("id", sa.Integer(), nullable=False),
|
|
sa.Column("role_id", sa.Integer(), nullable=False),
|
|
sa.Column("rls_filter_id", sa.Integer(), nullable=True),
|
|
sa.ForeignKeyConstraint(["rls_filter_id"], ["row_level_security_filters.id"]),
|
|
sa.ForeignKeyConstraint(["role_id"], ["ab_role.id"]),
|
|
sa.PrimaryKeyConstraint("id"),
|
|
)
|
|
|
|
|
|
def downgrade():
|
|
op.drop_table("rls_filter_roles")
|
|
op.drop_table("row_level_security_filters")
|