Add schema level access control on csv upload #5787
Conversation
youngyjd
force-pushed
the
csv-upload-schema-level-access-control
branch
from
5c80077 to
3f19778
Compare
Codecov Report
@@ Coverage Diff @@
## master #5787 +/- ##
==========================================
+ Coverage 48.19% 48.23% +0.03%
==========================================
Files 393 393
Lines 23600 23645 +45
Branches 2630 2630
==========================================
+ Hits 11375 11406 +31
- Misses 12225 12239 +14
Continue to review full report at Codecov.
|
|
PTAL |
|
@youngyjd, taking a look at this, sorry for the delay. |
|
Looks good, but can you use the security manager to control access to uploading Schemas? This seems like a functionality different deployments will want to override. |
youngyjd
force-pushed
the
csv-upload-schema-level-access-control
branch
2 times, most recently
from
0b58521 to
041063e
Compare
youngyjd
force-pushed
the
csv-upload-schema-level-access-control
branch
from
041063e to
e87cf4d
Compare
|
@mistercrunch @betodealmeida @timifasubaa Introduced one more layer of access control by bringing in security_manager. PTAL. Thanks a lot. |
There was a problem hiding this comment.
@youngyjd, thanks for the thorough work! I have just a few comments, but this looks awesome!
superset/forms.py
Outdated
| description=_('Specify a schema (if database flavour supports this).'), | ||
| validators=[Optional()], | ||
| widget=BS3TextFieldWidget(), | ||
| filters=[lambda x: x or None]) |
There was a problem hiding this comment.
Why do we need the or None here? Is it a way of casting falsy values (0, [], '') to None?
There was a problem hiding this comment.
Did not notice that. I just copy-pasted to move these lines of code for a better order showing on the UI. Will take a look.
There was a problem hiding this comment.
Took a quick look. I think the original author wrote this because that if no schema is provided on the frontend, the backend will receive an empty string which is '', but it should be None otherwise the database will throw some kind of error like schema does not exist. So yes, I think it is just casting falsy values, specifically '' to None.
superset/forms.py
Outdated
| if (security_manager.database_access(database) or | ||
| security_manager.all_datasource_access()): | ||
| return True | ||
| else: |
There was a problem hiding this comment.
The else here is not needed, so you might want to remove it and dedent the block below.
There was a problem hiding this comment.
good catch. thanks
superset/forms.py
Outdated
| get_pk=lambda a: a.id, get_label=lambda a: a.database_name) | ||
| schema = StringField( | ||
| _('Schema'), | ||
| description=_('Specify a schema (if database flavour supports this).'), |
There was a problem hiding this comment.
Nit: "flavour" is British English, it would be better to have US English ("flavor") as the default language.
| allow_ctas = Column(Boolean, default=False) | ||
| allow_dml = Column(Boolean, default=False) | ||
| force_ctas_schema = Column(String(250)) | ||
| allow_multi_schema_metadata_fetch = Column(Boolean, default=True) | ||
| extra = Column(Text, default=textwrap.dedent("""\ | ||
| { | ||
| "metadata_params": {}, | ||
| "engine_params": {} | ||
| "engine_params": {}, | ||
| "schemas_allowed_for_csv_upload": [] |
There was a problem hiding this comment.
Nit: leave a trailing comma on the last line, it makes it easier to sort lines and for better git blame.
There was a problem hiding this comment.
Have to remove the trailing comma. Other wise it will show error Expecting property name enclosed in double quotes: line 4 column 1 (char 57) when I try to save a db. I guess it is related to json formatting issue?
superset/views/core.py
Outdated
| message = _('Database "{0}" Schema "{1}" is not allowed for csv uploads. ' | ||
| 'Please contact Superset Admin'.format(database.database_name, | ||
| schema_name)) | ||
| flash( |
There was a problem hiding this comment.
This can be written in a single language:
flash(message, 'danger')There was a problem hiding this comment.
woops. I must have copy-paste from somewhere and then made some changes but did not aware of the styling issue. thanks
| This situation is impossible and user is unable to upload csv | ||
| b) if database supports schema | ||
| user is able to upload to schema in schemas_allowed_for_csv_upload | ||
| """ |
youngyjd
force-pushed
the
csv-upload-schema-level-access-control
branch
from
d3a35ef to
72b3122
Compare
youngyjd
force-pushed
the
csv-upload-schema-level-access-control
branch
from
72b3122 to
1c72ee4
Compare
* Add schema level access control on csv upload * add db migrate merge point * fix flake 8 * fix test * remove unnecessary db migration * fix flake * nit * fix test for test_schemas_access_for_csv_upload_endpoint * fix test_csv_import test * use security_manager to check whether schema is allowed to be accessed * bring security manager to the party * flake8 & repush to retrigger test * address comments * remove trailing comma
* Add schema level access control on csv upload * add db migrate merge point * fix flake 8 * fix test * remove unnecessary db migration * fix flake * nit * fix test for test_schemas_access_for_csv_upload_endpoint * fix test_csv_import test * use security_manager to check whether schema is allowed to be accessed * bring security manager to the party * flake8 & repush to retrigger test * address comments * remove trailing comma (cherry picked from commit b6d7d57)
* Add schema level access control on csv upload * add db migrate merge point * fix flake 8 * fix test * remove unnecessary db migration * fix flake * nit * fix test for test_schemas_access_for_csv_upload_endpoint * fix test_csv_import test * use security_manager to check whether schema is allowed to be accessed * bring security manager to the party * flake8 & repush to retrigger test * address comments * remove trailing comma (cherry picked from commit b6d7d57)
* Add schema level access control on csv upload * add db migrate merge point * fix flake 8 * fix test * remove unnecessary db migration * fix flake * nit * fix test for test_schemas_access_for_csv_upload_endpoint * fix test_csv_import test * use security_manager to check whether schema is allowed to be accessed * bring security manager to the party * flake8 & repush to retrigger test * address comments * remove trailing comma (cherry picked from commit b6d7d57)
* Add schema level access control on csv upload * add db migrate merge point * fix flake 8 * fix test * remove unnecessary db migration * fix flake * nit * fix test for test_schemas_access_for_csv_upload_endpoint * fix test_csv_import test * use security_manager to check whether schema is allowed to be accessed * bring security manager to the party * flake8 & repush to retrigger test * address comments * remove trailing comma (cherry picked from commit b6d7d57)
* Add schema level access control on csv upload * add db migrate merge point * fix flake 8 * fix test * remove unnecessary db migration * fix flake * nit * fix test for test_schemas_access_for_csv_upload_endpoint * fix test_csv_import test * use security_manager to check whether schema is allowed to be accessed * bring security manager to the party * flake8 & repush to retrigger test * address comments * remove trailing comma (cherry picked from commit b6d7d57)
* Add schema level access control on csv upload * add db migrate merge point * fix flake 8 * fix test * remove unnecessary db migration * fix flake * nit * fix test for test_schemas_access_for_csv_upload_endpoint * fix test_csv_import test * use security_manager to check whether schema is allowed to be accessed * bring security manager to the party * flake8 & repush to retrigger test * address comments * remove trailing comma (cherry picked from commit b6d7d57)
| @@ -844,6 +844,7 @@ def get_or_create_main_db(): | |||
| dbobj.set_sqlalchemy_uri(conf.get('SQLALCHEMY_DATABASE_URI')) | |||
| dbobj.expose_in_sqllab = True | |||
| dbobj.allow_run_sync = True | |||
| dbobj.allow_csv_upload = True | |||
There was a problem hiding this comment.
@youngyjd why is this explicitly set? Note in general one would not want to have users upload to the main database. Secondly if you disable this setting in the UI then every time the app is restarted the database record is updated.
@mistercrunch personally I don't think we should be setting any of these fields if the dbobj exists, i.e., I feel the logic should be:
if not dbobj:
dbobj = models.Database(database_name='main')
dbobj.set_sqlalchemy_uri(conf.get('SQLALCHEMY_DATABASE_URI'))
dbobj.expose_in_sqllab = False
dbobj.allow_run_sync = False
dbobj.allow_csv_upload = False
i.e., all these settings should be initialized as False and never updated.
mistercrunch
added
🏷️ bot
This PR is to support schema-level access control for csv upload. There are several changes here:
Extrafield.schemafield is changed to a dropdown menu instead of a text input, if schema-level access control has been provided for this database.allow_csv_uploadis checked for a database but nothing is set forschemas_allowed_for_csv_upload, all schemas can be accessed, so it will not break backward compatibility.