def create_missing_perms(self) -> None:
"""
Creates missing FAB permissions for datasources, schemas and metrics.
"""
# pylint: disable=import-outside-toplevel
from superset.models import core as models
logger.info(
"Fetching a set of all perms to lookup which ones are missing")
all_pvs = set()
for pv in self.get_session.query(self.permissionview_model).all():
if pv.permission and pv.view_menu:
all_pvs.add((pv.permission.name, pv.view_menu.name))
def merge_pv(view_menu: str, perm: str) -> None:
"""Create permission view menu only if it doesn't exist"""
if view_menu and perm and (view_menu, perm) not in all_pvs:
self.add_permission_view_menu(view_menu, perm)
logger.info("Creating missing datasource permissions.")
datasources = ConnectorRegistry.get_all_datasources(self.get_session)
for datasource in datasources:
merge_pv("datasource_access", datasource.get_perm())
merge_pv("schema_access", datasource.get_schema_perm())
logger.info("Creating missing database permissions.")
databases = self.get_session.query(models.Database).all()
for database in databases:
merge_pv("database_access", database.perm)
def create_missing_perms(self) -> None:
"""
Creates missing FAB permissions for datasources, schemas and metrics.
"""
from superset import db
from superset.connectors.base.models import BaseMetric
from superset.models import core as models
logging.info("Fetching a set of all perms to lookup which ones are missing")
all_pvs = set()
for pv in self.get_session.query(self.permissionview_model).all():
if pv.permission and pv.view_menu:
all_pvs.add((pv.permission.name, pv.view_menu.name))
def merge_pv(view_menu, perm):
"""Create permission view menu only if it doesn't exist"""
if view_menu and perm and (view_menu, perm) not in all_pvs:
self.add_permission_view_menu(view_menu, perm)
logging.info("Creating missing datasource permissions.")
datasources = ConnectorRegistry.get_all_datasources(db.session)
for datasource in datasources:
merge_pv("datasource_access", datasource.get_perm())
merge_pv("schema_access", datasource.schema_perm)
logging.info("Creating missing database permissions.")
databases = db.session.query(models.Database).all()
for database in databases:
merge_pv("database_access", database.perm)
logging.info("Creating missing metrics permissions")
metrics: List[BaseMetric] = []
for datasource_class in ConnectorRegistry.sources.values():
metrics += list(db.session.query(datasource_class.metric_class).all())
def get_user_datasources(self) -> List["BaseDatasource"]:
"""
Collect datasources which the user has explicit permissions to.
:returns: The list of datasources
"""
user_perms = self.user_view_menu_names("datasource_access")
schema_perms = self.user_view_menu_names("schema_access")
user_datasources = set()
for datasource_class in ConnectorRegistry.sources.values():
user_datasources.update(
self.get_session.query(datasource_class).filter(
or_(
datasource_class.perm.in_(user_perms),
datasource_class.schema_perm.in_(schema_perms),
)).all())
# group all datasources by database
all_datasources = ConnectorRegistry.get_all_datasources(
self.get_session)
datasources_by_database: Dict["Database",
Set["BaseDatasource"]] = defaultdict(set)
for datasource in all_datasources:
datasources_by_database[datasource.database].add(datasource)
# add datasources with implicit permission (eg, database access)
for database, datasources in datasources_by_database.items():
if self.can_access_database(database):
user_datasources.update(datasources)
return list(user_datasources)
def create_missing_perms():
"""Creates missing perms for datasources, schemas and metrics"""
logging.info(
'Fetching a set of all perms to lookup which ones are missing')
all_pvs = set()
for pv in sm.get_session.query(sm.permissionview_model).all():
if pv.permission and pv.view_menu:
all_pvs.add((pv.permission.name, pv.view_menu.name))
def merge_pv(view_menu, perm):
"""Create permission view menu only if it doesn't exist"""
if view_menu and perm and (view_menu, perm) not in all_pvs:
merge_perm(sm, view_menu, perm)
logging.info('Creating missing datasource permissions.')
datasources = ConnectorRegistry.get_all_datasources(db.session)
for datasource in datasources:
merge_pv('datasource_access', datasource.get_perm())
merge_pv('schema_access', datasource.schema_perm)
logging.info('Creating missing database permissions.')
databases = db.session.query(models.Database).all()
for database in databases:
merge_pv('database_access', database.perm)
logging.info('Creating missing metrics permissions')
metrics = []
for datasource_class in ConnectorRegistry.sources.values():
metrics += list(db.session.query(datasource_class.metric_class).all())
for metric in metrics:
if metric.is_restricted:
merge_pv('metric_access', metric.perm)
def create_missing_perms():
"""Creates missing perms for datasources, schemas and metrics"""
logging.info(
"Fetching a set of all perms to lookup which ones are missing")
all_pvs = set()
for pv in sm.get_session.query(sm.permissionview_model).all():
if pv.permission and pv.view_menu:
all_pvs.add((pv.permission.name, pv.view_menu.name))
def merge_pv(view_menu, perm):
"""Create permission view menu only if it doesn't exist"""
if view_menu and perm and (view_menu, perm) not in all_pvs:
merge_perm(sm, view_menu, perm)
logging.info("Creating missing datasource permissions.")
datasources = ConnectorRegistry.get_all_datasources(db.session)
for datasource in datasources:
merge_pv('datasource_access', datasource.get_perm())
merge_pv('schema_access', datasource.schema_perm)
logging.info("Creating missing database permissions.")
databases = db.session.query(models.Database).all()
for database in databases:
merge_pv('database_access', database.perm)
logging.info("Creating missing metrics permissions")
metrics = []
for datasource_class in ConnectorRegistry.sources.values():
metrics += list(db.session.query(datasource_class.metric_class).all())
for metric in metrics:
if (metric.is_restricted):
merge_pv('metric_access', metric.perm)
def create_missing_datasource_perms(view_menu_set):
logging.info("Creating missing datasource permissions.")
datasources = ConnectorRegistry.get_all_datasources(db.session)
for datasource in datasources:
if datasource and datasource.perm not in view_menu_set:
merge_perm(sm, 'datasource_access', datasource.get_perm())
if datasource.schema_perm:
merge_perm(sm, 'schema_access', datasource.schema_perm)
def create_missing_datasource_perms(view_menu_set):
logging.info("Creating missing datasource permissions.")
datasources = ConnectorRegistry.get_all_datasources(
db.session)
for datasource in datasources:
if datasource and datasource.perm not in view_menu_set:
merge_perm(sm, 'datasource_access', datasource.get_perm())
if datasource.schema_perm:
merge_perm(sm, 'schema_access', datasource.schema_perm)
def add(self) -> FlaskResponse:
datasources = [{
"value": str(d.id) + "__" + d.type,
"label": repr(d)
} for d in ConnectorRegistry.get_all_datasources(db.session)]
payload = {
"datasources": sorted(datasources, key=lambda d: d["label"]),
"common": common_bootstrap_payload(),
}
return self.render_template("superset/add_slice.html",
bootstrap_data=json.dumps(payload))
def add(self) -> FlaskResponse:
datasources = [{
"value": str(d.id) + "__" + d.type,
"label": repr(d)
} for d in ConnectorRegistry.get_all_datasources()]
return self.render_template(
"superset/add_slice.html",
bootstrap_data=json.dumps(
{"datasources": sorted(datasources,
key=lambda d: d["label"])}),
)
def fetch_all_datasources() -> List["BaseDatasource"]:
return ConnectorRegistry.get_all_datasources(db.session)
def add(self) -> FlaskResponse:
allowed_datasources = []
datasources = []
# only if gamma
is_gamma = False
logging.debug('-------------------------')
for role in g.user.roles:
if str(role) == 'Gamma':
is_gamma = True
logging.debug(role.permissions)
for perm in role.permissions:
if str(perm).startswith('datasource access on ['):
#'datasource access on [DB].[DATASOURCE](id:ID)')
data_search = re.search(
'datasource access on \[([^\]]+)\]\.\[([^\]]+)\]\(id:([^\)]+)\)',
str(perm))
if data_search:
allowed_datasources.append({
"connection":
data_search.group(1),
"name":
data_search.group(2),
"id":
data_search.group(3)
})
for d in ConnectorRegistry.get_all_datasources(db.session):
if (is_gamma):
for a in allowed_datasources:
table_name = d.short_data.get("name").split('.')[-1]
if table_name == a.get("name") and d.short_data.get(
"connection") == a.get("connection") and str(
d.short_data.get("id")) == str(a.get("id")):
if hasattr(d, 'custom_label'):
datasources.append({
"value": str(d.id) + "__" + d.type,
"label": d.custom_label
})
else:
datasources.append({
"value": str(d.id) + "__" + d.type,
"label": repr(d)
})
else:
if hasattr(d, 'custom_label'):
datasources.append({
"value": str(d.id) + "__" + d.type,
"label": d.custom_label
})
else:
datasources.append({
"value": str(d.id) + "__" + d.type,
"label": repr(d)
})
payload = {
"datasources": sorted(datasources, key=lambda d: d["label"]),
"common": common_bootstrap_payload(),
"user": bootstrap_user_data(g.user),
}
return self.render_template("superset/add_slice.html",
bootstrap_data=json.dumps(payload))
