This is an automated email from the ASF dual-hosted git repository. beto pushed a commit to branch fix-catalog-security-manager in repository https://gitbox.apache.org/repos/asf/superset.git
commit 4ac472710ef53dc88b2ace95d2cab32757cbd1b8 Author: Beto Dealmeida <[email protected]> AuthorDate: Fri Jul 12 19:33:34 2024 -0400 fix: catalog permission check --- superset/databases/api.py | 4 +--- superset/security/manager.py | 9 +++++++-- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/superset/databases/api.py b/superset/databases/api.py index af5ce255ae..3e085208d0 100644 --- a/superset/databases/api.py +++ b/superset/databases/api.py @@ -1885,9 +1885,7 @@ class DatabaseRestApi(BaseSupersetModelRestApi): @protect() @statsd_metrics @event_logger.log_this_with_context( - action=lambda self, - *args, - **kwargs: f"{self.__class__.__name__}.columnar_upload", + action=lambda self, *args, **kwargs: f"{self.__class__.__name__}.columnar_upload", log_to_statsd=False, ) @requires_form_data diff --git a/superset/security/manager.py b/superset/security/manager.py index 53fc9aa232..30cf37f117 100644 --- a/superset/security/manager.py +++ b/superset/security/manager.py @@ -860,7 +860,7 @@ class SupersetSecurityManager( # pylint: disable=too-many-public-methods if len(parts) == 2 and default_catalog: accessible_catalogs.add(default_catalog) elif len(parts) == 3: - accessible_catalogs.add(parts[2]) + accessible_catalogs.add(parts[1]) # datasource_access if perms := self.user_view_menu_names("datasource_access"): @@ -911,7 +911,12 @@ class SupersetSecurityManager( # pylint: disable=too-many-public-methods return datasource_names if schema: - schema_perm = self.get_schema_perm(database, catalog, schema) + default_catalog = database.get_default_catalog() + schema_perm = self.get_schema_perm( + database.database_name, + catalog or default_catalog, + schema, + ) if schema_perm and self.can_access("schema_access", schema_perm): return datasource_names
