This is an automated email from the ASF dual-hosted git repository. villebro pushed a commit to branch 0.37 in repository https://gitbox.apache.org/repos/asf/incubator-superset.git
commit 024ef9a9e3b1f3e75863f7133e150940bd804110 Author: Daniel Vaz Gaspar <[email protected]> AuthorDate: Wed Jul 29 09:32:10 2020 +0100 fix(log): log endpoint authentication (#10435) * fix(log): log crashes if expired or not authenticated * add auth to log endpoint --- superset/utils/log.py | 2 +- superset/views/core.py | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/superset/utils/log.py b/superset/utils/log.py index 1b6e1b6..5b11d45 100644 --- a/superset/utils/log.py +++ b/superset/utils/log.py @@ -42,7 +42,7 @@ class AbstractEventLogger(ABC): @functools.wraps(f) def wrapper(*args: Any, **kwargs: Any) -> Any: user_id = None - if g.user: + if hasattr(g, "user") and g.user: user_id = g.user.get_id() payload = request.form.to_dict() or {} diff --git a/superset/views/core.py b/superset/views/core.py index bce09963..7f540ab 100755 --- a/superset/views/core.py +++ b/superset/views/core.py @@ -1686,6 +1686,7 @@ class Superset(BaseSupersetView): # pylint: disable=too-many-public-methods @api @event_logger.log_this + @has_access @expose("/log/", methods=["POST"]) def log(self) -> FlaskResponse: # pylint: disable=no-self-use return Response(status=200)
