def test_filter_druid_datasource(self): CLUSTER_NAME = 'new_druid' cluster = self.get_or_create( DruidCluster, {'cluster_name': CLUSTER_NAME}, db.session) db.session.merge(cluster) gamma_ds = self.get_or_create( DruidDatasource, {'datasource_name': 'datasource_for_gamma'}, db.session) gamma_ds.cluster = cluster db.session.merge(gamma_ds) no_gamma_ds = self.get_or_create( DruidDatasource, {'datasource_name': 'datasource_not_for_gamma'}, db.session) no_gamma_ds.cluster = cluster db.session.merge(no_gamma_ds) db.session.commit() security.merge_perm(sm, 'datasource_access', gamma_ds.perm) security.merge_perm(sm, 'datasource_access', no_gamma_ds.perm) perm = sm.find_permission_view_menu( 'datasource_access', gamma_ds.get_perm()) sm.add_permission_role(sm.find_role('Gamma'), perm) sm.get_session.commit() self.login(username='******') url = '/druiddatasourcemodelview/list/' resp = self.get_resp(url) self.assertIn('datasource_for_gamma', resp) self.assertNotIn('datasource_not_for_gamma', resp)
def test_clean_requests_after_db_grant(self): session = db.session # Case 3. Two access requests from gamma and gamma2 # Gamma gets database access, gamma2 access request granted # Check if request by gamma has been deleted gamma_user = sm.find_user(username='******') access_request1 = create_access_request(session, 'table', 'long_lat', TEST_ROLE_1, 'gamma') create_access_request(session, 'table', 'long_lat', TEST_ROLE_2, 'gamma2') ds_1_id = access_request1.datasource_id # gamma gets granted database access database = session.query(models.Database).first() security.merge_perm(sm, 'database_access', database.perm) ds_perm_view = sm.find_permission_view_menu('database_access', database.perm) sm.add_permission_role(sm.find_role(DB_ACCESS_ROLE), ds_perm_view) gamma_user.roles.append(sm.find_role(DB_ACCESS_ROLE)) session.commit() access_requests = self.get_access_requests('gamma', 'table', ds_1_id) self.assertTrue(access_requests) # gamma2 request gets fulfilled self.client.get( EXTEND_ROLE_REQUEST.format('table', ds_1_id, 'gamma2', TEST_ROLE_2)) access_requests = self.get_access_requests('gamma', 'table', ds_1_id) self.assertFalse(access_requests) gamma_user = sm.find_user(username='******') gamma_user.roles.remove(sm.find_role(DB_ACCESS_ROLE)) session.commit()
def post_add(self, table, flash_message=True): table.fetch_metadata() security.merge_perm(sm, 'datasource_access', table.get_perm()) if table.schema: security.merge_perm(sm, 'schema_access', table.schema_perm) if flash_message: flash( _('The table was created. ' 'As part of this two phase configuration ' 'process, you should now click the edit button by ' 'the new table to configure it.'), 'info')
def test_clean_requests_after_schema_grant(self): session = db.session # Case 4. Two access requests from gamma and gamma2 # Gamma gets schema access, gamma2 access request granted # Check if request by gamma has been deleted gamma_user = sm.find_user(username='******') access_request1 = create_access_request(session, 'table', 'wb_health_population', TEST_ROLE_1, 'gamma') create_access_request(session, 'table', 'wb_health_population', TEST_ROLE_2, 'gamma2') ds_1_id = access_request1.datasource_id ds = session.query(SqlaTable).filter_by( table_name='wb_health_population').first() ds.schema = 'temp_schema' security.merge_perm(sm, 'schema_access', ds.schema_perm) schema_perm_view = sm.find_permission_view_menu( 'schema_access', ds.schema_perm) sm.add_permission_role(sm.find_role(SCHEMA_ACCESS_ROLE), schema_perm_view) gamma_user.roles.append(sm.find_role(SCHEMA_ACCESS_ROLE)) session.commit() # gamma2 request gets fulfilled self.client.get( EXTEND_ROLE_REQUEST.format('table', ds_1_id, 'gamma2', TEST_ROLE_2)) access_requests = self.get_access_requests('gamma', 'table', ds_1_id) self.assertFalse(access_requests) gamma_user = sm.find_user(username='******') gamma_user.roles.remove(sm.find_role(SCHEMA_ACCESS_ROLE)) ds = session.query(SqlaTable).filter_by( table_name='wb_health_population').first() ds.schema = None session.commit()
def __init__(self, *args, **kwargs): if ( self.requires_examples and not os.environ.get('SOLO_TEST') and not os.environ.get('examples_loaded') ): logging.info('Loading examples') cli.load_examples(load_test_data=True) logging.info('Done loading examples') sync_role_definitions() os.environ['examples_loaded'] = '1' else: sync_role_definitions() super(RookTestCase, self).__init__(*args, **kwargs) self.client = app.test_client() self.maxDiff = None gamma_sqllab_role = sm.add_role('gamma_sqllab') for perm in sm.find_role('Gamma').permissions: sm.add_permission_role(gamma_sqllab_role, perm) db_perm = self.get_main_database(sm.get_session).perm security.merge_perm(sm, 'database_access', db_perm) db_pvm = sm.find_permission_view_menu( view_menu_name=db_perm, permission_name='database_access') gamma_sqllab_role.permissions.append(db_pvm) for perm in sm.find_role('sql_lab').permissions: sm.add_permission_role(gamma_sqllab_role, perm) admin = appbuilder.sm.find_user('admin') if not admin: appbuilder.sm.add_user( 'admin', 'admin', ' user', '*****@*****.**', appbuilder.sm.find_role('Admin'), password='******') gamma = appbuilder.sm.find_user('gamma') if not gamma: appbuilder.sm.add_user( 'gamma', 'gamma', 'user', '*****@*****.**', appbuilder.sm.find_role('Gamma'), password='******') gamma2 = appbuilder.sm.find_user('gamma2') if not gamma2: appbuilder.sm.add_user( 'gamma2', 'gamma2', 'user', '*****@*****.**', appbuilder.sm.find_role('Gamma'), password='******') gamma_sqllab_user = appbuilder.sm.find_user('gamma_sqllab') if not gamma_sqllab_user: appbuilder.sm.add_user( 'gamma_sqllab', 'gamma_sqllab', 'user', '*****@*****.**', gamma_sqllab_role, password='******') alpha = appbuilder.sm.find_user('alpha') if not alpha: appbuilder.sm.add_user( 'alpha', 'alpha', 'user', '*****@*****.**', appbuilder.sm.find_role('Alpha'), password='******') sm.get_session.commit() # create druid cluster and druid datasources session = db.session cluster = ( session.query(DruidCluster) .filter_by(cluster_name='druid_test') .first() ) if not cluster: cluster = DruidCluster(cluster_name='druid_test') session.add(cluster) session.commit() druid_datasource1 = DruidDatasource( datasource_name='druid_ds_1', cluster_name='druid_test', ) session.add(druid_datasource1) druid_datasource2 = DruidDatasource( datasource_name='druid_ds_2', cluster_name='druid_test', ) session.add(druid_datasource2) session.commit()