[GitHub] [superset] john-bodley commented on a change in pull request #15636: refactor: Move is_user_admin() to security_manager

GitBox Fri, 16 Jul 2021 21:38:58 -0700


john-bodley commented on a change in pull request #15636:
URL: https://github.com/apache/superset/pull/15636#discussion_r671608092




##########
File path: superset/security/manager.py
##########
@@ -1206,3 +1205,16 @@ def can_access_based_on_dashboard(datasource: 
"BaseDatasource") -> bool:
 
         exists = db.session.query(query.exists()).scalar()
         return exists
+
+    def is_user_admin(self) -> bool:
+        if g.user.is_anonymous:
+            from superset import conf
+
+            public_role = conf.get("AUTH_ROLE_PUBLIC")
+            user_roles = [self.find_role(public_role)] if public_role else []
+        else:
+            user_roles = g.user.roles
+
+        user_roles = [role.name.lower() for role in user_roles]
+
+        return "admin" in user_roles

Review comment:
       ```suggestion
   ```

##########
File path: superset/security/manager.py
##########
@@ -1206,3 +1205,16 @@ def can_access_based_on_dashboard(datasource: 
"BaseDatasource") -> bool:
 
         exists = db.session.query(query.exists()).scalar()
         return exists
+
+    def is_user_admin(self) -> bool:
+        if g.user.is_anonymous:
+            from superset import conf

Review comment:
       I know that this pattern is used elsewhere in this file, but 
`current_app.config.get(...)` seems more Flask like.

##########
File path: superset/security/manager.py
##########
@@ -1206,3 +1205,16 @@ def can_access_based_on_dashboard(datasource: 
"BaseDatasource") -> bool:
 
         exists = db.session.query(query.exists()).scalar()
         return exists
+
+    def is_user_admin(self) -> bool:
+        if g.user.is_anonymous:
+            from superset import conf
+
+            public_role = conf.get("AUTH_ROLE_PUBLIC")
+            user_roles = [self.find_role(public_role)] if public_role else []
+        else:
+            user_roles = g.user.roles
+
+        user_roles = [role.name.lower() for role in user_roles]

Review comment:
       ```suggestion
           return "admin" in [role.name.lower() for role in user_roles]
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[GitHub] [superset] john-bodley commented on a change in pull request #15636: refactor: Move is_user_admin() to security_manager

Reply via email to