[GitHub] [superset] Samira-El commented on a diff in pull request #20114: feat(chart): Enable caching per user when user impersonation is enabled

Wed, 25 May 2022 06:50:01 -0700 


Samira-El commented on code in PR #20114:
URL: https://github.com/apache/superset/pull/20114#discussion_r881676692


##########
superset/connectors/sqla/models.py:
##########
@@ -2026,6 +2027,15 @@ class and any keys added via `ExtraCache`.
         if self.has_extra_cache_key_calls(query_obj):
             sqla_query = self.get_sqla_query(**query_obj)
             extra_cache_keys += sqla_query.extra_cache_keys
+
+        sqlalchemy_url = make_url_safe(self.database.sqlalchemy_uri_decrypted)
+
+        if effective_user := self.database.get_effective_user(sqlalchemy_url):
+            logger.debug("User impersonation is enabled for database '%s', 
adding "
+                         "current username to '%s' datasource's extra cache 
keys",
+                         self.database_name, self.datasource_name)
+            extra_cache_keys.append(effective_user)

Review Comment:
   Hi @villebro, I made changes as per your suggestions, I ran into some issues 
so the impementation is not exactly as requested:
   
   * I made `get_impersonation_key` expect a username as str rather than a User 
instance, I didn't want to add a trip to the DB to get the instance by username 
just to use the username eventually, I'm getting the username from the flask 
app context using the existing function `get_username`, if there is a better 
way then please lmk.
   * I noticed that the `datasource` param in QueryObject is always null, it 
doesn't seem to be set when the Factory class creates an instance of 
QueryObject, so I changed the Factory class to explicity pass the datasource it 
has, that way be able to use it to the db and impersonate_user attribute. 
   * As requested by nytai, there is now a feature flag to enable/disable this 
caching per user, it's off by default, not sure if the name is ok (naming stuff 
is hard 😄 ), happy to change the flag.
   
   
   Can you take a look please? TIA  



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to