[GitHub] [superset] dpgaspar commented on a change in pull request #15184: fix: datasource payload is incorrect

GitBox Wed, 16 Jun 2021 01:16:09 -0700


dpgaspar commented on a change in pull request #15184:
URL: https://github.com/apache/superset/pull/15184#discussion_r652457750




##########
File path: superset/connectors/connector_registry.py
##########
@@ -73,6 +74,47 @@ def get_all_datasources(cls, session: Session) -> 
List["BaseDatasource"]:
             datasources.extend(qry.all())
         return datasources
 
+    @classmethod
+    def get_user_datasources(cls, session: Session) -> List["BaseDatasource"]:
+        from superset import security_manager
+
+        # collect datasources which the user has explicit permissions to
+        user_perms = security_manager.user_view_menu_names("datasource_access")
+        schema_perms = security_manager.user_view_menu_names("schema_access")
+        user_datasources = []
+        for datasource_class in ConnectorRegistry.sources.values():
+            user_datasources.extend(
+                session.query(datasource_class)
+                .filter(
+                    or_(
+                        datasource_class.perm.in_(user_perms),
+                        datasource_class.schema_perm.in_(schema_perms),
+                    )
+                )
+                .all()
+            )
+
+        # get all datasources and organize by database -> schema -> datasource
+        all_datasources = cls.get_all_datasources(session)
+        hierarchy: Dict[
+            "Database", Dict[Optional[str], Set["BaseDatasource"]]
+        ] = defaultdict(lambda: defaultdict(set))
+        for datasource in all_datasources:
+            hierarchy[datasource.database][datasource.schema].add(datasource)
+
+        # add datasources with implicit permission (eg, database access)
+        for database, schemas_tables in hierarchy.items():
+            has_database_access = 
security_manager.can_access_database(database)
+            for schema, datasources in schemas_tables.items():
+                schema_perm = security_manager.get_schema_perm(database, 
schema)
+                if has_database_access or (
+                    schema_perm
+                    and security_manager.can_access("schema_access", 
schema_perm)
+                ):
+                    user_datasources.extend(datasources)

Review comment:
       oh! this makes me question the validity of the get methods on the MVC 
and API, they both depend on: 
https://github.com/apache/superset/blob/master/superset/views/base.py#L581
   




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[GitHub] [superset] dpgaspar commented on a change in pull request #15184: fix: datasource payload is incorrect

Reply via email to