This is an automated email from the ASF dual-hosted git repository. michaelsmolina pushed a commit to branch 5.0 in repository https://gitbox.apache.org/repos/asf/superset.git
commit 724f2dc5fecd9628ef5ce771025c2a7864a939dd Author: Levis Mbote <[email protected]> AuthorDate: Sat Feb 22 01:42:35 2025 +0300 fix(roles): Add SqlLabPermalinkRestApi as default sqlab roles. (#32284) (cherry picked from commit 2c37ddb2f63d216665c8d81232500986281ccfc0) --- superset/security/manager.py | 2 ++ tests/integration_tests/security_tests.py | 2 ++ .../sql_lab/permalink/api_tests.py | 22 ++++++++++++++++++++++ 3 files changed, 26 insertions(+) diff --git a/superset/security/manager.py b/superset/security/manager.py index 33cbc814d4..450265ccb9 100644 --- a/superset/security/manager.py +++ b/superset/security/manager.py @@ -330,6 +330,8 @@ class SupersetSecurityManager( # pylint: disable=too-many-public-methods ("menu_access", "SQL Editor"), ("menu_access", "Saved Queries"), ("menu_access", "Query Search"), + ("can_read", "SqlLabPermalinkRestApi"), + ("can_write", "SqlLabPermalinkRestApi"), } SQLLAB_EXTRA_PERMISSION_VIEWS = { diff --git a/tests/integration_tests/security_tests.py b/tests/integration_tests/security_tests.py index f148f9418e..a89bb47af7 100644 --- a/tests/integration_tests/security_tests.py +++ b/tests/integration_tests/security_tests.py @@ -1488,6 +1488,8 @@ class TestRolePermission(SupersetTestCase): ("menu_access", "Saved Queries"), ("menu_access", "SQL Editor"), ("menu_access", "SQL Lab"), + ("can_read", "SqlLabPermalinkRestApi"), + ("can_write", "SqlLabPermalinkRestApi"), } self.assert_cannot_alpha(sql_lab_set) diff --git a/tests/integration_tests/sql_lab/permalink/api_tests.py b/tests/integration_tests/sql_lab/permalink/api_tests.py index 7d515b796f..a67d78989f 100644 --- a/tests/integration_tests/sql_lab/permalink/api_tests.py +++ b/tests/integration_tests/sql_lab/permalink/api_tests.py @@ -58,6 +58,28 @@ def permalink_salt(app_context) -> Iterator[str]: db.session.commit() +def test_sqllab_user_can_access_shared_query( + tab_state_data: dict[str, Any], permalink_salt: str, test_client, login_as +): + login_as(GAMMA_SQLLAB_USERNAME) + + resp = test_client.post("api/v1/sqllab/permalink", json=tab_state_data) + assert resp.status_code == 201, "Failed to create permalink" + + data = resp.json + key = data["key"] + + resp = test_client.get(f"api/v1/sqllab/permalink/{key}") + assert resp.status_code == 200, "SQL Lab user access expected" + + result = json.loads(resp.data.decode("utf-8")) + assert result == tab_state_data, "Query data mismatch" + + id_ = decode_permalink_id(key, permalink_salt) + db.session.query(KeyValueEntry).filter_by(id=id_).delete() + db.session.commit() + + def test_post( tab_state_data: dict[str, Any], permalink_salt: str, test_client, login_as ):
