This is an automated email from the ASF dual-hosted git repository.
villebro pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git
The following commit(s) were added to refs/heads/master by this push:
new 702cfe9 Fix: Include RLS filters for cache keys (#10805)
702cfe9 is described below
commit 702cfe938f941ec5492de1eb544e1c1b44d51ec0
Author: gtg472b <[email protected]>
AuthorDate: Mon Sep 7 08:49:13 2020 -0600
Fix: Include RLS filters for cache keys (#10805)
* Fix: Include RLS filters for cache keys
This fix makes sure that RLS filters are searched for templatable jinja
content, ensuring cached visualizations aren't shown to the wrong user.
* Fix: Include RLS filters for cache keys
This fix makes sure that RLS filters are searched for templatable jinja
content, ensuring cached visualizations aren't shown to the wrong user.
Co-authored-by: Ville Brofeldt <[email protected]>
Co-authored-by: Ville Brofeldt <[email protected]>
---
superset/connectors/sqla/models.py | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/superset/connectors/sqla/models.py
b/superset/connectors/sqla/models.py
index 601a69d..667c9d4 100644
--- a/superset/connectors/sqla/models.py
+++ b/superset/connectors/sqla/models.py
@@ -1454,6 +1454,10 @@ class SqlaTable( # pylint:
disable=too-many-public-methods,too-many-instance-at
templatable_statements.append(extras["where"])
if "having" in extras:
templatable_statements.append(extras["having"])
+ if config["ENABLE_ROW_LEVEL_SECURITY"] and self.is_rls_supported:
+ templatable_statements += [
+ f.clause for f in security_manager.get_rls_filters(self)
+ ]
for statement in templatable_statements:
if ExtraCache.regex.search(statement):
return True
