dpgaspar commented on a change in pull request #15184:
URL: https://github.com/apache/superset/pull/15184#discussion_r657792667
##########
File path: superset/connectors/connector_registry.py
##########
@@ -99,6 +100,41 @@ def get_datasource_by_id( # pylint:
disable=too-many-arguments
pass
raise NoResultFound(_("Datasource id not found: %(id)s",
id=datasource_id))
+ @classmethod
+ def get_user_datasources(cls, session: Session) -> List["BaseDatasource"]:
+ from superset import security_manager
+
+ # collect datasources which the user has explicit permissions to
+ user_perms = security_manager.user_view_menu_names("datasource_access")
+ schema_perms = security_manager.user_view_menu_names("schema_access")
+ user_datasources = set()
+ for datasource_class in ConnectorRegistry.sources.values():
+ user_datasources.update(
+ session.query(datasource_class)
Review comment:
@betodealmeida @john-bodley I think that the question here is that
AirBnb totally overrides the DB permissions, they do that by overriding the
security manager, their permission "backend" is something totally different. So
that's possible if all permission checks are done on the security manager.
Makes me think how can that work on the REST API defined filters
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
