def at_least_one_schema_is_allowed(database): """ If the user has access to the database or all datasource 1. if schemas_allowed_for_csv_upload is empty a) if database does not support schema user is able to upload csv without specifying schema name b) if database supports schema user is able to upload csv to any schema 2. if schemas_allowed_for_csv_upload is not empty a) if database does not support schema This situation is impossible and upload will fail b) if database supports schema user is able to upload to schema in schemas_allowed_for_csv_upload elif the user does not access to the database or all datasource 1. if schemas_allowed_for_csv_upload is empty a) if database does not support schema user is unable to upload csv b) if database supports schema user is unable to upload csv 2. if schemas_allowed_for_csv_upload is not empty a) if database does not support schema This situation is impossible and user is unable to upload csv b) if database supports schema user is able to upload to schema in schemas_allowed_for_csv_upload """ if (security_manager.database_access(database) or security_manager.all_datasource_access()): return True schemas = database.get_schema_access_for_csv_upload() if (schemas and security_manager.schemas_accessible_by_user( database, schemas, False)): return True return False
def at_least_one_schema_is_allowed(database): """ If the user has access to the database or all datasource 1. if schemas_allowed_for_csv_upload is empty a) if database does not support schema user is able to upload csv without specifying schema name b) if database supports schema user is able to upload csv to any schema 2. if schemas_allowed_for_csv_upload is not empty a) if database does not support schema This situation is impossible and upload will fail b) if database supports schema user is able to upload to schema in schemas_allowed_for_csv_upload elif the user does not access to the database or all datasource 1. if schemas_allowed_for_csv_upload is empty a) if database does not support schema user is unable to upload csv b) if database supports schema user is unable to upload csv 2. if schemas_allowed_for_csv_upload is not empty a) if database does not support schema This situation is impossible and user is unable to upload csv b) if database supports schema user is able to upload to schema in schemas_allowed_for_csv_upload """ if (security_manager.database_access(database) or security_manager.all_datasource_access()): return True schemas = database.get_schema_access_for_csv_upload() if schemas and security_manager.schemas_accessible_by_user( database, schemas, False): return True return False
def is_schema_allowed(self, database, schema): if not database.allow_csv_upload: return False schemas = database.get_schema_access_for_csv_upload() if schemas: return schema in schemas return (security_manager.database_access(database) or security_manager.all_datasource_access())
def apply(self, query: Query, value: Any) -> Query: if security_manager.all_datasource_access(): return query perms = security_manager.user_view_menu_names("datasource_access") schema_perms = security_manager.user_view_menu_names("schema_access") return query.filter( or_(self.model.perm.in_(perms), self.model.schema_perm.in_(schema_perms)))
def schema_allows_csv_upload(database: Database, schema: Optional[str]) -> bool: if not database.allow_csv_upload: return False schemas = database.get_schema_access_for_csv_upload() if schemas: return schema in schemas return (security_manager.database_access(database) or security_manager.all_datasource_access())
def apply(self, query, func): # noqa if security_manager.all_datasource_access(): return query datasource_perms = security_manager.user_view_menu_names( "datasource_access") schema_perms = security_manager.user_view_menu_names("schema_access") return query.filter( or_( self.model.perm.in_(datasource_perms), self.model.schema_perm.in_(schema_perms), ))
def _is_schema_allowed_for_csv_upload(self, database: Database, schema: str = None) -> bool: """ Checks whether the specified schema is allowed for csv-uploads Keyword Arguments: database -- The database object which will be used for the import schema -- the schema to be used for the import :return if schema allow csv upload """ if not database.allow_csv_upload: return False schemas = database.get_schema_access_for_csv_upload() if schemas: return schema in schemas return (security_manager.database_access(database) or security_manager.all_datasource_access())
def apply(self, query: Query, value: Any) -> Query: user_roles = [role.name.lower() for role in list(get_user_roles())] if "admin" in user_roles: return query datasource_perms = security_manager.user_view_menu_names( "datasource_access") schema_perms = security_manager.user_view_menu_names("schema_access") all_datasource_access = security_manager.all_datasource_access() published_dash_query = ( db.session.query(Dashboard.id).join(Dashboard.slices).filter( and_( Dashboard.published == True, # pylint: disable=singleton-comparison or_( Slice.perm.in_(datasource_perms), Slice.schema_perm.in_(schema_perms), all_datasource_access, ), ))) users_favorite_dash_query = db.session.query(FavStar.obj_id).filter( and_( FavStar.user_id == security_manager.user_model.get_user_id(), FavStar.class_name == "Dashboard", )) owner_ids_query = (db.session.query(Dashboard.id).join( Dashboard.owners).filter( security_manager.user_model.id == security_manager.user_model.get_user_id())) query = query.filter( or_( Dashboard.id.in_(owner_ids_query), Dashboard.id.in_(published_dash_query), Dashboard.id.in_(users_favorite_dash_query), )) return query
def apply(self, query, func): if security_manager.all_datasource_access(): return query perms = self.get_view_menus("datasource_access") # TODO(bogdan): add `schema_access` support here return query.filter(self.model.perm.in_(perms))
def apply(self, query, func): # noqa if security_manager.all_datasource_access(): return query perms = self.get_view_menus('datasource_access') # TODO(bogdan): add `schema_access` support here return query.filter(self.model.perm.in_(perms))