ofekisr commented on a change in pull request #18781: URL: https://github.com/apache/superset/pull/18781#discussion_r808838039
########## File path: superset/models/superset_core/user.py ########## @@ -0,0 +1,34 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +import logging + +from flask_appbuilder import Model +from flask_appbuilder.security.sqla.models import assoc_user_role, User as FabUser +from sqlalchemy.orm import relationship + +metadata = Model.metadata # pylint: disable=no-member +logger = logging.getLogger(__name__) + + +class SupersetUser(FabUser): + __tablename__ = "ab_user" Review comment: why again? ########## File path: superset/security/manager.py ########## @@ -140,6 +140,14 @@ def __init__(self, **kwargs: Any) -> None: class SupersetSecurityManager( # pylint: disable=too-many-public-methods SecurityManager ): + @classmethod + def set_user_model(cls, superset_user: object) -> None: Review comment: those methods shouldn't be declare here, more down in the class ########## File path: superset/models/superset_core/user.py ########## @@ -0,0 +1,34 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +import logging + +from flask_appbuilder import Model +from flask_appbuilder.security.sqla.models import assoc_user_role, User as FabUser +from sqlalchemy.orm import relationship + +metadata = Model.metadata # pylint: disable=no-member +logger = logging.getLogger(__name__) + + +class SupersetUser(FabUser): + __tablename__ = "ab_user" + + __table_args__ = {"extend_existing": True} + roles = relationship( Review comment: why defined again? why the SupersetUser model should be aware that you decided to extend another model? ########## File path: superset/models/superset_core/role.py ########## @@ -0,0 +1,34 @@ +# Licensed to the Apache Software Foundation (ASF) under one Review comment: why is a Role model is considered to be a superset core? ########## File path: superset/models/superset_core/user.py ########## @@ -0,0 +1,34 @@ +# Licensed to the Apache Software Foundation (ASF) under one Review comment: why is a user model is considered to be a superset core? ########## File path: superset/models/superset_core/role.py ########## @@ -0,0 +1,34 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +import logging + +from flask_appbuilder import Model +from flask_appbuilder.security.sqla.models import Role as FabRole + +from superset.models.helpers import ImportExportMixin + +metadata = Model.metadata # pylint: disable=no-member +logger = logging.getLogger(__name__) + + +class SupersetRole(FabRole, ImportExportMixin): + __tablename__ = "ab_role" Review comment: why defined again? ########## File path: superset/models/superset_core/role.py ########## @@ -0,0 +1,34 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +import logging + +from flask_appbuilder import Model +from flask_appbuilder.security.sqla.models import Role as FabRole + +from superset.models.helpers import ImportExportMixin + +metadata = Model.metadata # pylint: disable=no-member +logger = logging.getLogger(__name__) + + +class SupersetRole(FabRole, ImportExportMixin): + __tablename__ = "ab_role" + + __table_args__ = {"extend_existing": True} + + export_fields = ["name"] Review comment: use a constant instead of "name" ########## File path: superset/initialization/__init__.py ########## @@ -607,6 +609,8 @@ def configure_fab(self) -> None: appbuilder.base_template = "superset/base.html" appbuilder.security_manager_class = custom_sm appbuilder.init_app(self.superset_app, db.session) + custom_sm.set_user_model(SupersetUser) Review comment: line 612, 613 should be declared before 610, you should assign the security_manager after it is ready to be used. and I would extract it to different method ########## File path: superset/models/__init__.py ########## @@ -14,12 +14,9 @@ # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. -from . import ( Review comment: it is ok to declare here the nested imports, this is the purpose of init file, solving circular imports should not be here ########## File path: superset/initialization/__init__.py ########## @@ -48,6 +48,8 @@ results_backend_manager, talisman, ) +from superset.models.superset_core.role import SupersetRole Review comment: you should not import models here, it could leverage a problems when imports models too soon -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
