This is an automated email from the ASF dual-hosted git repository.
dpgaspar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git
The following commit(s) were added to refs/heads/master by this push:
new c9ee598 fix(security): can_access with None crashes on builtin roles
(#10039)
c9ee598 is described below
commit c9ee598ac9b25fc5a0a4d10276d67cce481c2a2a
Author: Daniel Vaz Gaspar <danielvazgas...@gmail.com>
AuthorDate: Thu Jun 11 16:02:08 2020 +0100
fix(security): can_access with None crashes on builtin roles (#10039)
---
superset/security/manager.py | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/superset/security/manager.py b/superset/security/manager.py
index 772edbb..293342a 100644
--- a/superset/security/manager.py
+++ b/superset/security/manager.py
@@ -254,11 +254,11 @@ class SupersetSecurityManager(SecurityManager):
:param datasource: The Superset datasource
:returns: Whether the user can access the datasource's schema
"""
-
+ schema_perm = datasource.schema_perm or ""
return (
self.all_datasource_access()
or self.database_access(datasource.database)
- or self.can_access("schema_access", datasource.schema_perm)
+ or self.can_access("schema_access", schema_perm)
)
def datasource_access(self, datasource: "BaseDatasource") -> bool:
@@ -268,9 +268,9 @@ class SupersetSecurityManager(SecurityManager):
:param datasource: The Superset datasource
:returns: Whether the use can access the Superset datasource
"""
-
+ perm = datasource.perm or ""
return self.schema_access(datasource) or self.can_access(
- "datasource_access", datasource.perm
+ "datasource_access", perm
)
def get_datasource_access_error_msg(self, datasource: "BaseDatasource") ->
str:
