def test_filter_druid_datasource(self):
CLUSTER_NAME = 'new_druid'
cluster = self.get_or_create(
DruidCluster,
{'cluster_name': CLUSTER_NAME},
db.session)
db.session.merge(cluster)
gamma_ds = self.get_or_create(
DruidDatasource, {'datasource_name': 'datasource_for_gamma'},
db.session)
gamma_ds.cluster = cluster
db.session.merge(gamma_ds)
no_gamma_ds = self.get_or_create(
DruidDatasource, {'datasource_name': 'datasource_not_for_gamma'},
db.session)
no_gamma_ds.cluster = cluster
db.session.merge(no_gamma_ds)
db.session.commit()
security.merge_perm(sm, 'datasource_access', gamma_ds.perm)
security.merge_perm(sm, 'datasource_access', no_gamma_ds.perm)
perm = sm.find_permission_view_menu(
'datasource_access', gamma_ds.get_perm())
sm.add_permission_role(sm.find_role('Gamma'), perm)
sm.get_session.commit()
self.login(username='******')
url = '/druiddatasourcemodelview/list/'
resp = self.get_resp(url)
self.assertIn('datasource_for_gamma', resp)
self.assertNotIn('datasource_not_for_gamma', resp)
def test_clean_requests_after_db_grant(self):
session = db.session
# Case 3. Two access requests from gamma and gamma2
# Gamma gets database access, gamma2 access request granted
# Check if request by gamma has been deleted
gamma_user = sm.find_user(username='******')
access_request1 = create_access_request(session, 'table', 'long_lat',
TEST_ROLE_1, 'gamma')
access_request2 = create_access_request(session, 'table', 'long_lat',
TEST_ROLE_2, 'gamma2')
ds_1_id = access_request1.datasource_id
# gamma gets granted database access
database = session.query(models.Database).first()
security.merge_perm(sm, 'database_access', database.perm)
ds_perm_view = sm.find_permission_view_menu('database_access',
database.perm)
sm.add_permission_role(sm.find_role(DB_ACCESS_ROLE), ds_perm_view)
gamma_user.roles.append(sm.find_role(DB_ACCESS_ROLE))
session.commit()
access_requests = self.get_access_requests('gamma', 'table', ds_1_id)
self.assertTrue(access_requests)
# gamma2 request gets fulfilled
self.client.get(
EXTEND_ROLE_REQUEST.format('table', ds_1_id, 'gamma2',
TEST_ROLE_2))
access_requests = self.get_access_requests('gamma', 'table', ds_1_id)
self.assertFalse(access_requests)
gamma_user = sm.find_user(username='******')
gamma_user.roles.remove(sm.find_role(DB_ACCESS_ROLE))
session.commit()
def test_clean_requests_after_db_grant(self):
session = db.session
# Case 3. Two access requests from gamma and gamma2
# Gamma gets database access, gamma2 access request granted
# Check if request by gamma has been deleted
gamma_user = sm.find_user(username='******')
access_request1 = create_access_request(
session, 'table', 'long_lat', TEST_ROLE_1, 'gamma')
create_access_request(
session, 'table', 'long_lat', TEST_ROLE_2, 'gamma2')
ds_1_id = access_request1.datasource_id
# gamma gets granted database access
database = session.query(models.Database).first()
security.merge_perm(
sm, 'database_access', database.perm)
ds_perm_view = sm.find_permission_view_menu(
'database_access', database.perm)
sm.add_permission_role(
sm.find_role(DB_ACCESS_ROLE), ds_perm_view)
gamma_user.roles.append(sm.find_role(DB_ACCESS_ROLE))
session.commit()
access_requests = self.get_access_requests('gamma', 'table', ds_1_id)
self.assertTrue(access_requests)
# gamma2 request gets fulfilled
self.client.get(EXTEND_ROLE_REQUEST.format(
'table', ds_1_id, 'gamma2', TEST_ROLE_2))
access_requests = self.get_access_requests('gamma', 'table', ds_1_id)
self.assertFalse(access_requests)
gamma_user = sm.find_user(username='******')
gamma_user.roles.remove(sm.find_role(DB_ACCESS_ROLE))
session.commit()
def post_add(self, table):
table.fetch_metadata()
security.merge_perm(sm, 'datasource_access', table.get_perm())
if table.schema:
security.merge_perm(sm, 'schema_access', table.schema_perm)
flash(
_("The table was created. As part of this two phase configuration "
"process, you should now click the edit button by "
"the new table to configure it."), "info")
def post_add(self, datasource, flash_message=True):
datasource.get_metadata()
security.merge_perm(security_manager, 'datasource_access',
datasource.get_perm())
if flash_message:
flash(
_('The datasource was created. '
'As part of this two phase configuration '
'process, you should now click the edit button by '
'the new datasource to configure it.'), 'info')
def post_add(self, table, flash_message=True):
table.fetch_metadata()
security.merge_perm(sm, 'datasource_access', table.get_perm())
if table.schema:
security.merge_perm(sm, 'schema_access', table.schema_perm)
if flash_message:
flash(_(
'The table was created. '
'As part of this two phase configuration '
'process, you should now click the edit button by '
'the new table to configure it.'), 'info')
def post_add(self, table, flash_message=True):
table.fetch_metadata()
security.merge_perm(sm, 'datasource_access', table.get_perm())
if table.schema:
security.merge_perm(sm, 'schema_access', table.schema_perm)
if flash_message:
flash(
_('The table was created. '
'As part of this two phase configuration '
'process, you should now click the edit button by '
'the new table to configure it.'), 'info')
def test_clean_requests_after_schema_grant(self):
session = db.session
# Case 4. Two access requests from gamma and gamma2
# Gamma gets schema access, gamma2 access request granted
# Check if request by gamma has been deleted
gamma_user = sm.find_user(username='******')
access_request1 = create_access_request(session, 'table',
'wb_health_population',
TEST_ROLE_1, 'gamma')
access_request2 = create_access_request(session, 'table',
'wb_health_population',
TEST_ROLE_2, 'gamma2')
ds_1_id = access_request1.datasource_id
ds = session.query(models.SqlaTable).filter_by(
table_name='wb_health_population').first()
ds.schema = 'temp_schema'
security.merge_perm(sm, 'schema_access', ds.schema_perm)
schema_perm_view = sm.find_permission_view_menu(
'schema_access', ds.schema_perm)
sm.add_permission_role(sm.find_role(SCHEMA_ACCESS_ROLE),
schema_perm_view)
gamma_user.roles.append(sm.find_role(SCHEMA_ACCESS_ROLE))
session.commit()
# gamma2 request gets fulfilled
self.client.get(
EXTEND_ROLE_REQUEST.format('table', ds_1_id, 'gamma2',
TEST_ROLE_2))
access_requests = self.get_access_requests('gamma', 'table', ds_1_id)
self.assertFalse(access_requests)
gamma_user = sm.find_user(username='******')
gamma_user.roles.remove(sm.find_role(SCHEMA_ACCESS_ROLE))
ds = session.query(models.SqlaTable).filter_by(
table_name='wb_health_population').first()
ds.schema = None
session.commit()
def test_clean_requests_after_schema_grant(self):
session = db.session
# Case 4. Two access requests from gamma and gamma2
# Gamma gets schema access, gamma2 access request granted
# Check if request by gamma has been deleted
gamma_user = sm.find_user(username='******')
access_request1 = create_access_request(
session, 'table', 'wb_health_population', TEST_ROLE_1, 'gamma')
access_request2 = create_access_request(
session, 'table', 'wb_health_population', TEST_ROLE_2, 'gamma2')
ds_1_id = access_request1.datasource_id
ds = session.query(SqlaTable).filter_by(
table_name='wb_health_population').first()
ds.schema = 'temp_schema'
security.merge_perm(
sm, 'schema_access', ds.schema_perm)
schema_perm_view = sm.find_permission_view_menu(
'schema_access', ds.schema_perm)
sm.add_permission_role(
sm.find_role(SCHEMA_ACCESS_ROLE) , schema_perm_view)
gamma_user.roles.append(sm.find_role(SCHEMA_ACCESS_ROLE))
session.commit()
# gamma2 request gets fulfilled
self.client.get(EXTEND_ROLE_REQUEST.format(
'table', ds_1_id, 'gamma2', TEST_ROLE_2))
access_requests = self.get_access_requests('gamma', 'table', ds_1_id)
self.assertFalse(access_requests)
gamma_user = sm.find_user(username='******')
gamma_user.roles.remove(sm.find_role(SCHEMA_ACCESS_ROLE))
ds = session.query(SqlaTable).filter_by(
table_name='wb_health_population').first()
ds.schema = None
session.commit()
def post_add(self, metric):
if metric.is_restricted:
security.merge_perm(sm, 'metric_access', metric.perm)
def __init__(self, *args, **kwargs):
super(SqlLabTests, self).__init__(*args, **kwargs)
gamma_sqllab = appbuilder.sm.find_role('gamma_sqllab')
security.merge_perm(sm, 'database_access',
self.get_main_database(db.session).perm)
def __init__(self, *args, **kwargs):
super(SqlLabTests, self).__init__(*args, **kwargs)
gamma_sqllab = appbuilder.sm.find_role('gamma_sqllab')
security.merge_perm(sm, 'database_access', self.get_main_database(db.session).perm)
def post_add(self, datasource):
datasource.generate_metrics()
security.merge_perm(sm, 'datasource_access', datasource.get_perm())
if datasource.schema:
security.merge_perm(sm, 'schema_access', datasource.schema_perm)
def post_update(self, metric):
if metric.is_restricted:
security.merge_perm(sm, 'metric_access', metric.get_perm())
def __init__(self, *args, **kwargs):
if (
self.requires_examples and
not os.environ.get('SOLO_TEST') and
not os.environ.get('examples_loaded')
):
logging.info("Loading examples")
cli.load_examples(load_test_data=True)
logging.info("Done loading examples")
sync_role_definitions()
os.environ['examples_loaded'] = '1'
else:
sync_role_definitions()
super(SupersetTestCase, self).__init__(*args, **kwargs)
self.client = app.test_client()
self.maxDiff = None
gamma_sqllab_role = sm.add_role("gamma_sqllab")
for perm in sm.find_role('Gamma').permissions:
sm.add_permission_role(gamma_sqllab_role, perm)
db_perm = self.get_main_database(sm.get_session).perm
security.merge_perm(sm, 'database_access', db_perm)
db_pvm = sm.find_permission_view_menu(
view_menu_name=db_perm, permission_name='database_access')
gamma_sqllab_role.permissions.append(db_pvm)
for perm in sm.find_role('sql_lab').permissions:
sm.add_permission_role(gamma_sqllab_role, perm)
admin = appbuilder.sm.find_user('admin')
if not admin:
appbuilder.sm.add_user(
'admin', 'admin', ' user', '*****@*****.**',
appbuilder.sm.find_role('Admin'),
password='******')
gamma = appbuilder.sm.find_user('gamma')
if not gamma:
appbuilder.sm.add_user(
'gamma', 'gamma', 'user', '*****@*****.**',
appbuilder.sm.find_role('Gamma'),
password='******')
gamma2 = appbuilder.sm.find_user('gamma2')
if not gamma2:
appbuilder.sm.add_user(
'gamma2', 'gamma2', 'user', '*****@*****.**',
appbuilder.sm.find_role('Gamma'),
password='******')
gamma_sqllab_user = appbuilder.sm.find_user('gamma_sqllab')
if not gamma_sqllab_user:
appbuilder.sm.add_user(
'gamma_sqllab', 'gamma_sqllab', 'user', '*****@*****.**',
gamma_sqllab_role, password='******')
alpha = appbuilder.sm.find_user('alpha')
if not alpha:
appbuilder.sm.add_user(
'alpha', 'alpha', 'user', '*****@*****.**',
appbuilder.sm.find_role('Alpha'),
password='******')
sm.get_session.commit()
# create druid cluster and druid datasources
session = db.session
cluster = (
session.query(DruidCluster)
.filter_by(cluster_name="druid_test")
.first()
)
if not cluster:
cluster = DruidCluster(cluster_name="druid_test")
session.add(cluster)
session.commit()
druid_datasource1 = DruidDatasource(
datasource_name='druid_ds_1',
cluster_name='druid_test'
)
session.add(druid_datasource1)
druid_datasource2 = DruidDatasource(
datasource_name='druid_ds_2',
cluster_name='druid_test'
)
session.add(druid_datasource2)
session.commit()
def pre_add(self, cluster):
security.merge_perm(sm, 'database_access', cluster.perm)
def post_add(self, datasource):
datasource.generate_metrics()
security.merge_perm(sm, 'datasource_access', datasource.get_perm())
if datasource.schema:
security.merge_perm(sm, 'schema_access', datasource.schema_perm)
def post_update(self, columns):
if columns.is_restricted:
security.merge_perm(sm, 'columns_access', columns.perm)
def __init__(self, *args, **kwargs):
if self.requires_examples and not os.environ.get("SOLO_TEST") and not os.environ.get("examples_loaded"):
logging.info("Loading examples")
cli.load_examples(load_test_data=True)
logging.info("Done loading examples")
sync_role_definitions()
os.environ["examples_loaded"] = "1"
else:
sync_role_definitions()
super(SupersetTestCase, self).__init__(*args, **kwargs)
self.client = app.test_client()
self.maxDiff = None
gamma_sqllab_role = sm.add_role("gamma_sqllab")
for perm in sm.find_role("Gamma").permissions:
sm.add_permission_role(gamma_sqllab_role, perm)
db_perm = self.get_main_database(sm.get_session).perm
security.merge_perm(sm, "database_access", db_perm)
db_pvm = sm.find_permission_view_menu(view_menu_name=db_perm, permission_name="database_access")
gamma_sqllab_role.permissions.append(db_pvm)
for perm in sm.find_role("sql_lab").permissions:
sm.add_permission_role(gamma_sqllab_role, perm)
admin = appbuilder.sm.find_user("admin")
if not admin:
appbuilder.sm.add_user(
"admin", "admin", " user", "*****@*****.**", appbuilder.sm.find_role("Admin"), password="******"
)
gamma = appbuilder.sm.find_user("gamma")
if not gamma:
appbuilder.sm.add_user(
"gamma", "gamma", "user", "*****@*****.**", appbuilder.sm.find_role("Gamma"), password="******"
)
gamma_sqllab_user = appbuilder.sm.find_user("gamma_sqllab")
if not gamma_sqllab_user:
appbuilder.sm.add_user(
"gamma_sqllab", "gamma_sqllab", "user", "*****@*****.**", gamma_sqllab_role, password="******"
)
alpha = appbuilder.sm.find_user("alpha")
if not alpha:
appbuilder.sm.add_user(
"alpha", "alpha", "user", "*****@*****.**", appbuilder.sm.find_role("Alpha"), password="******"
)
sm.get_session.commit()
# create druid cluster and druid datasources
session = db.session
cluster = session.query(models.DruidCluster).filter_by(cluster_name="druid_test").first()
if not cluster:
cluster = models.DruidCluster(cluster_name="druid_test")
session.add(cluster)
session.commit()
druid_datasource1 = models.DruidDatasource(datasource_name="druid_ds_1", cluster_name="druid_test")
session.add(druid_datasource1)
druid_datasource2 = models.DruidDatasource(datasource_name="druid_ds_2", cluster_name="druid_test")
session.add(druid_datasource2)
session.commit()
def __init__(self, *args, **kwargs):
if (self.requires_examples and not os.environ.get('SOLO_TEST')
and not os.environ.get('examples_loaded')):
logging.info('Loading examples')
cli.load_examples(load_test_data=True)
logging.info('Done loading examples')
sync_role_definitions()
os.environ['examples_loaded'] = '1'
else:
sync_role_definitions()
super(SupersetTestCase, self).__init__(*args, **kwargs)
self.client = app.test_client()
self.maxDiff = None
gamma_sqllab_role = sm.add_role('gamma_sqllab')
for perm in sm.find_role('Gamma').permissions:
sm.add_permission_role(gamma_sqllab_role, perm)
db_perm = self.get_main_database(sm.get_session).perm
security.merge_perm(sm, 'database_access', db_perm)
db_pvm = sm.find_permission_view_menu(
view_menu_name=db_perm, permission_name='database_access')
gamma_sqllab_role.permissions.append(db_pvm)
for perm in sm.find_role('sql_lab').permissions:
sm.add_permission_role(gamma_sqllab_role, perm)
admin = appbuilder.sm.find_user('admin')
if not admin:
appbuilder.sm.add_user('admin',
'admin',
' user',
'*****@*****.**',
appbuilder.sm.find_role('Admin'),
password='******')
gamma = appbuilder.sm.find_user('gamma')
if not gamma:
appbuilder.sm.add_user('gamma',
'gamma',
'user',
'*****@*****.**',
appbuilder.sm.find_role('Gamma'),
password='******')
gamma2 = appbuilder.sm.find_user('gamma2')
if not gamma2:
appbuilder.sm.add_user('gamma2',
'gamma2',
'user',
'*****@*****.**',
appbuilder.sm.find_role('Gamma'),
password='******')
gamma_sqllab_user = appbuilder.sm.find_user('gamma_sqllab')
if not gamma_sqllab_user:
appbuilder.sm.add_user('gamma_sqllab',
'gamma_sqllab',
'user',
'*****@*****.**',
gamma_sqllab_role,
password='******')
alpha = appbuilder.sm.find_user('alpha')
if not alpha:
appbuilder.sm.add_user('alpha',
'alpha',
'user',
'*****@*****.**',
appbuilder.sm.find_role('Alpha'),
password='******')
sm.get_session.commit()
# create druid cluster and druid datasources
session = db.session
cluster = (session.query(DruidCluster).filter_by(
cluster_name='druid_test').first())
if not cluster:
cluster = DruidCluster(cluster_name='druid_test')
session.add(cluster)
session.commit()
druid_datasource1 = DruidDatasource(
datasource_name='druid_ds_1',
cluster_name='druid_test',
)
session.add(druid_datasource1)
druid_datasource2 = DruidDatasource(
datasource_name='druid_ds_2',
cluster_name='druid_test',
)
session.add(druid_datasource2)
session.commit()
def post_add(self, metric):
if metric.is_restricted:
security.merge_perm(security_manager, 'metric_access',
metric.get_perm())
def post_update(self, metric):
if metric.is_restricted:
security.merge_perm(sm, 'metric_access', metric.get_perm())
def pre_add(self, cluster):
security.merge_perm(sm, 'database_access', cluster.perm)
