def run(self) -> bool:
try:
dataset_id = self._cmd_params.dataset_id
chart_id = self._cmd_params.chart_id
actor = self._cmd_params.actor
key = self._cmd_params.key
form_data = self._cmd_params.form_data
check_access(dataset_id, chart_id, actor)
state: TemporaryExploreState = cache_manager.explore_form_data_cache.get(
key)
if state and form_data:
user_id = actor.get_user_id()
if state["owner"] != user_id:
raise KeyValueAccessDeniedError()
new_state: TemporaryExploreState = {
"owner": actor.get_user_id(),
"dataset_id": dataset_id,
"chart_id": chart_id,
"form_data": form_data,
}
return cache_manager.explore_form_data_cache.set(
key, new_state)
return False
except SQLAlchemyError as ex:
logger.exception("Error running update command")
raise KeyValueUpdateFailedError() from ex
def test_unsaved_chart_unknown_dataset_id(mocker: MockFixture,
app_context: AppContext) -> None:
from superset.explore.form_data.utils import check_access
with raises(DatasetNotFoundError):
mocker.patch(dataset_find_by_id, return_value=None)
check_access(dataset_id=1, chart_id=0, actor=User())
def run(self) -> str:
try:
dataset_id = self._cmd_params.dataset_id
chart_id = self._cmd_params.chart_id
tab_id = self._cmd_params.tab_id
actor = self._cmd_params.actor
form_data = self._cmd_params.form_data
check_access(dataset_id, chart_id, actor)
contextual_key = cache_key(session.get("_id"), tab_id, dataset_id,
chart_id)
key = cache_manager.explore_form_data_cache.get(contextual_key)
if not key or not tab_id:
key = random_key()
if form_data:
state: TemporaryExploreState = {
"owner": actor.get_user_id(),
"dataset_id": dataset_id,
"chart_id": chart_id,
"form_data": form_data,
}
cache_manager.explore_form_data_cache.set(key, state)
cache_manager.explore_form_data_cache.set(contextual_key, key)
return key
except SQLAlchemyError as ex:
logger.exception("Error running create command")
raise KeyValueCreateFailedError() from ex
def test_saved_chart_unauthorized_dataset(mocker: MockFixture,
app_context: AppContext) -> None:
from superset.connectors.sqla.models import SqlaTable
from superset.explore.form_data import utils
with raises(DatasetAccessDeniedError):
mocker.patch(dataset_find_by_id, return_value=SqlaTable())
mocker.patch(can_access_datasource, return_value=False)
utils.check_access(dataset_id=1, chart_id=1, actor=User())
def test_saved_chart_unknown_chart_id(mocker: MockFixture,
app_context: AppContext) -> None:
from superset.connectors.sqla.models import SqlaTable
from superset.explore.form_data.utils import check_access
with raises(ChartNotFoundError):
mocker.patch(dataset_find_by_id, return_value=SqlaTable())
mocker.patch(can_access_datasource, return_value=True)
mocker.patch(chart_find_by_id, return_value=None)
check_access(dataset_id=1, chart_id=1, actor=User())
def test_saved_chart_no_access(mocker: MockFixture,
app_context: AppContext) -> None:
from superset.connectors.sqla.models import SqlaTable
from superset.explore.form_data.utils import check_access
from superset.models.slice import Slice
with raises(ChartAccessDeniedError):
mocker.patch(dataset_find_by_id, return_value=SqlaTable())
mocker.patch(can_access_datasource, return_value=True)
mocker.patch(is_user_admin, return_value=False)
mocker.patch(is_owner, return_value=False)
mocker.patch(can_access, return_value=False)
mocker.patch(chart_find_by_id, return_value=Slice())
check_access(dataset_id=1, chart_id=1, actor=User())
def run(self) -> Optional[str]:
try:
actor = self._cmd_params.actor
key = self._cmd_params.key
state: TemporaryExploreState = cache_manager.explore_form_data_cache.get(
key)
if state:
check_access(state["dataset_id"], state["chart_id"], actor)
if self._refresh_timeout:
cache_manager.explore_form_data_cache.set(key, state)
return state["form_data"]
return None
except SQLAlchemyError as ex:
logger.exception("Error running get command")
raise KeyValueGetFailedError() from ex
def run(self) -> bool:
try:
actor = self._cmd_params.actor
key = self._cmd_params.key
state: TemporaryExploreState = cache_manager.explore_form_data_cache.get(
key)
if state:
check_access(state["dataset_id"], state["chart_id"], actor)
if state["owner"] != actor.get_user_id():
raise KeyValueAccessDeniedError()
return cache_manager.explore_form_data_cache.delete(key)
return False
except SQLAlchemyError as ex:
logger.exception("Error running delete command")
raise KeyValueDeleteFailedError() from ex
def test_unsaved_chart_authorized_dataset(mocker: MockFixture,
app_context: AppContext) -> None:
from superset.connectors.sqla.models import SqlaTable
from superset.explore.form_data.utils import check_access
mocker.patch(dataset_find_by_id, return_value=SqlaTable())
mocker.patch(can_access_datasource, return_value=True)
assert check_access(dataset_id=1, chart_id=0, actor=User()) == True
def test_saved_chart_is_admin(mocker: MockFixture,
app_context: AppContext) -> None:
from superset.connectors.sqla.models import SqlaTable
from superset.explore.form_data.utils import check_access
from superset.models.slice import Slice
mocker.patch(dataset_find_by_id, return_value=SqlaTable())
mocker.patch(can_access_datasource, return_value=True)
mocker.patch(is_user_admin, return_value=True)
mocker.patch(chart_find_by_id, return_value=Slice())
assert check_access(dataset_id=1, chart_id=1, actor=User()) == True
def run(self) -> str:
try:
dataset_id = self._cmd_params.dataset_id
chart_id = self._cmd_params.chart_id
actor = self._cmd_params.actor
form_data = self._cmd_params.form_data
check_access(dataset_id, chart_id, actor)
key = token_urlsafe(48)
if form_data:
state: TemporaryExploreState = {
"owner": actor.get_user_id(),
"dataset_id": dataset_id,
"chart_id": chart_id,
"form_data": form_data,
}
cache_manager.explore_form_data_cache.set(key, state)
return key
except SQLAlchemyError as ex:
logger.exception("Error running create command")
raise KeyValueCreateFailedError() from ex
def run(self) -> Optional[str]:
try:
dataset_id = self._cmd_params.dataset_id
chart_id = self._cmd_params.chart_id
actor = self._cmd_params.actor
key = self._cmd_params.key
form_data = self._cmd_params.form_data
check_access(dataset_id, chart_id, actor)
state: TemporaryExploreState = cache_manager.explore_form_data_cache.get(
key
)
if state and form_data:
user_id = actor.get_user_id()
if state["owner"] != user_id:
raise KeyValueAccessDeniedError()
# Generate a new key if tab_id changes or equals 0
tab_id = self._cmd_params.tab_id
contextual_key = cache_key(
session.get("_id"), tab_id, dataset_id, chart_id
)
key = cache_manager.explore_form_data_cache.get(contextual_key)
if not key or not tab_id:
key = random_key()
cache_manager.explore_form_data_cache.set(contextual_key, key)
new_state: TemporaryExploreState = {
"owner": actor.get_user_id(),
"dataset_id": dataset_id,
"chart_id": chart_id,
"form_data": form_data,
}
cache_manager.explore_form_data_cache.set(key, new_state)
return key
except SQLAlchemyError as ex:
logger.exception("Error running update command")
raise KeyValueUpdateFailedError() from ex
def test_unsaved_chart_no_dataset_id(app_context: AppContext) -> None:
from superset.explore.form_data.utils import check_access
with raises(DatasetNotFoundError):
check_access(dataset_id=0, chart_id=0, actor=User())
