This is an automated email from the ASF dual-hosted git repository.
maximebeauchemin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git
The following commit(s) were added to refs/heads/master by this push:
new d570120 [FAB] configuring updating of permissions (#4172)
d570120 is described below
commit d57012067bccec95f3720dd290fd04c0457d6da8
Author: John Bodley <[email protected]>
AuthorDate: Mon Jan 8 14:39:18 2018 -0800
[FAB] configuring updating of permissions (#4172)
---
docs/installation.rst | 23 ++++++++++++++++++++++-
setup.py | 2 +-
superset/__init__.py | 4 +++-
superset/utils.py | 5 +++++
4 files changed, 31 insertions(+), 3 deletions(-)
diff --git a/docs/installation.rst b/docs/installation.rst
index 716afe5..4031819 100644
--- a/docs/installation.rst
+++ b/docs/installation.rst
@@ -167,6 +167,27 @@ work on Windows so the `superset runserver` command is not
expected to work
in that context. Also note that the development web
server (`superset runserver -d`) is not intended for production use.
+Flask-AppBuilder Permissions
+----------------------------
+
+By default every time the Flask-AppBuilder (FAB) app is initialized the
+permissions and views are added automatically to the backend and associated
with
+the ‘Admin’ role. The issue however is when you are running multiple concurrent
+workers this creates a lot of contention and race conditions when defining
+permissions and views.
+
+To alleviate this issue, the automatic updating of permissions can be disabled
+by setting the :envvar:`SUPERSET_UPDATE_PERMS` environment variable to `0`.
+The value `1` enables it, `0` disables it. Note if undefined the functionality
+is enabled to maintain backwards compatibility.
+
+In a production environment initialization could take on the following form:
+
+ export SUPERSET_UPDATE_PERMS=1
+ superset init
+
+ export SUPERSET_UPDATE_PERMS=0
+ gunicorn -w 10 ... superset:app
Configuration behind a load balancer
------------------------------------
@@ -181,7 +202,7 @@ If the load balancer is inserting
X-Forwarded-For/X-Forwarded-Proto headers, you
should set `ENABLE_PROXY_FIX = True` in the superset config file to extract
and use
the headers.
-In case that the reverse proxy is used for providing ssl encryption,
+In case that the reverse proxy is used for providing ssl encryption,
an explicit definition of the `X-Forwarded-Proto` may be required.
For the Apache webserver this can be set as follows: ::
diff --git a/setup.py b/setup.py
index f662e88..00b56d2 100644
--- a/setup.py
+++ b/setup.py
@@ -49,7 +49,7 @@ setup(
'colorama==0.3.9',
'cryptography==1.9',
'flask==0.12.2',
- 'flask-appbuilder==1.9.4',
+ 'flask-appbuilder==1.9.5',
'flask-cache==0.13.1',
'flask-migrate==2.0.3',
'flask-script==2.0.5',
diff --git a/superset/__init__.py b/superset/__init__.py
index 5d0c674..8aabca4 100644
--- a/superset/__init__.py
+++ b/superset/__init__.py
@@ -152,7 +152,9 @@ appbuilder = AppBuilder(
db.session,
base_template='superset/base.html',
indexview=MyIndexView,
- security_manager_class=app.config.get('CUSTOM_SECURITY_MANAGER'))
+ security_manager_class=app.config.get('CUSTOM_SECURITY_MANAGER'),
+ update_perms=utils.get_update_perms_flag(),
+)
sm = appbuilder.sm
diff --git a/superset/utils.py b/superset/utils.py
index c64e8cf..ee81af5 100644
--- a/superset/utils.py
+++ b/superset/utils.py
@@ -767,3 +767,8 @@ def merge_extra_filters(form_data):
form_data['filters'] += [filtr]
# Remove extra filters from the form data since no longer needed
del form_data['extra_filters']
+
+
+def get_update_perms_flag():
+ val = os.environ.get('SUPERSET_UPDATE_PERMS')
+ return val.lower() not in ('0', 'false', 'no') if val else True
--
To stop receiving notification emails like this one, please contact
['"[email protected]" <[email protected]>'].
