superset-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From maximebeauche...@apache.org
Subject [incubator-superset] branch master updated: [FAB] configuring updating of permissions (#4172)
Date Mon, 08 Jan 2018 22:39:21 GMT
This is an automated email from the ASF dual-hosted git repository.

maximebeauchemin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git


The following commit(s) were added to refs/heads/master by this push:
     new d570120  [FAB] configuring updating of permissions (#4172)
d570120 is described below

commit d57012067bccec95f3720dd290fd04c0457d6da8
Author: John Bodley <4567245+john-bodley@users.noreply.github.com>
AuthorDate: Mon Jan 8 14:39:18 2018 -0800

    [FAB] configuring updating of permissions (#4172)
---
 docs/installation.rst | 23 ++++++++++++++++++++++-
 setup.py              |  2 +-
 superset/__init__.py  |  4 +++-
 superset/utils.py     |  5 +++++
 4 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/docs/installation.rst b/docs/installation.rst
index 716afe5..4031819 100644
--- a/docs/installation.rst
+++ b/docs/installation.rst
@@ -167,6 +167,27 @@ work on Windows so the `superset runserver` command is not expected to
work
 in that context. Also note that the development web
 server (`superset runserver -d`) is not intended for production use.
 
+Flask-AppBuilder Permissions
+----------------------------
+
+By default every time the Flask-AppBuilder (FAB) app is initialized the
+permissions and views are added automatically to the backend and associated with
+the ‘Admin’ role. The issue however is when you are running multiple concurrent
+workers this creates a lot of contention and race conditions when defining
+permissions and views.
+
+To alleviate this issue, the automatic updating of permissions can be disabled
+by setting the :envvar:`SUPERSET_UPDATE_PERMS` environment variable to `0`.
+The value `1` enables it, `0` disables it. Note if undefined the functionality
+is enabled to maintain backwards compatibility.
+
+In a production environment initialization could take on the following form:
+
+  export SUPERSET_UPDATE_PERMS=1
+  superset init
+
+  export SUPERSET_UPDATE_PERMS=0
+  gunicorn -w 10 ... superset:app
 
 Configuration behind a load balancer
 ------------------------------------
@@ -181,7 +202,7 @@ If the load balancer is inserting X-Forwarded-For/X-Forwarded-Proto headers,
you
 should set `ENABLE_PROXY_FIX = True` in the superset config file to extract and use
 the headers.
 
-In case that the reverse proxy is used for providing ssl encryption, 
+In case that the reverse proxy is used for providing ssl encryption,
 an explicit definition of the `X-Forwarded-Proto` may be required.
 For the Apache webserver this can be set as follows: ::
 
diff --git a/setup.py b/setup.py
index f662e88..00b56d2 100644
--- a/setup.py
+++ b/setup.py
@@ -49,7 +49,7 @@ setup(
         'colorama==0.3.9',
         'cryptography==1.9',
         'flask==0.12.2',
-        'flask-appbuilder==1.9.4',
+        'flask-appbuilder==1.9.5',
         'flask-cache==0.13.1',
         'flask-migrate==2.0.3',
         'flask-script==2.0.5',
diff --git a/superset/__init__.py b/superset/__init__.py
index 5d0c674..8aabca4 100644
--- a/superset/__init__.py
+++ b/superset/__init__.py
@@ -152,7 +152,9 @@ appbuilder = AppBuilder(
     db.session,
     base_template='superset/base.html',
     indexview=MyIndexView,
-    security_manager_class=app.config.get('CUSTOM_SECURITY_MANAGER'))
+    security_manager_class=app.config.get('CUSTOM_SECURITY_MANAGER'),
+    update_perms=utils.get_update_perms_flag(),
+)
 
 sm = appbuilder.sm
 
diff --git a/superset/utils.py b/superset/utils.py
index c64e8cf..ee81af5 100644
--- a/superset/utils.py
+++ b/superset/utils.py
@@ -767,3 +767,8 @@ def merge_extra_filters(form_data):
                     form_data['filters'] += [filtr]
         # Remove extra filters from the form data since no longer needed
         del form_data['extra_filters']
+
+
+def get_update_perms_flag():
+    val = os.environ.get('SUPERSET_UPDATE_PERMS')
+    return val.lower() not in ('0', 'false', 'no') if val else True

-- 
To stop receiving notification emails like this one, please contact
['"commits@superset.apache.org" <commits@superset.apache.org>'].

Mime
View raw message