superset-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From maximebeauche...@apache.org
Subject [incubator-superset] branch master updated: fix sql lab permission issue (#6194)
Date Thu, 25 Oct 2018 23:35:48 GMT
This is an automated email from the ASF dual-hosted git repository.

maximebeauchemin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git


The following commit(s) were added to refs/heads/master by this push:
     new a0479d5  fix sql lab permission issue (#6194)
a0479d5 is described below

commit a0479d57b28b276ca3015395d607c4d6777067eb
Author: Junda Yang <youngyjd@gmail.com>
AuthorDate: Thu Oct 25 16:35:43 2018 -0700

    fix sql lab permission issue (#6194)
---
 superset/security.py | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/superset/security.py b/superset/security.py
index c0f6f37..4b58cda 100644
--- a/superset/security.py
+++ b/superset/security.py
@@ -16,6 +16,14 @@ READ_ONLY_MODEL_VIEWS = {
     'DruidClusterModelView',
 }
 
+USER_MODEL_VIEWS = {
+    'UserDBModelView',
+    'UserLDAPModelView',
+    'UserOAuthModelView',
+    'UserOIDModelView',
+    'UserRemoteUserModelView',
+}
+
 GAMMA_READ_ONLY_MODEL_VIEWS = {
     'SqlMetricInlineView',
     'TableColumnInlineView',
@@ -34,12 +42,7 @@ ADMIN_ONLY_VIEW_MENUS = {
     'ResetPasswordView',
     'RoleModelView',
     'Security',
-    'UserDBModelView',
-    'UserLDAPModelView',
-    'UserOAuthModelView',
-    'UserOIDModelView',
-    'UserRemoteUserModelView',
-}
+} | USER_MODEL_VIEWS
 
 ALPHA_ONLY_VIEW_MENUS = {
     'Upload a CSV',
@@ -374,7 +377,7 @@ class SupersetSecurityManager(SecurityManager):
                 'can_sql_json', 'can_csv', 'can_search_queries', 'can_sqllab_viz',
                 'can_sqllab',
             } or
-            (pvm.view_menu.name == 'UserDBModelView' and
+            (pvm.view_menu.name in USER_MODEL_VIEWS and
              pvm.permission.name == 'can_list'))
 
     def is_granter_pvm(self, pvm):


Mime
View raw message