[GitHub] [superset] C-monC opened a new issue, #21057: Custom SecurityManager SAWarning: Usage of the 'Session.add()' operation is not currently supported within the execution stage of the flush process

[GitBox]

C-monC opened a new issue, #21057:
URL: https://github.com/apache/superset/issues/21057

   Hi,
   
   I am trying to make a custom security manager.
   When I commit a new user using the add_user function I get the error 
   > sqlalchemy.exc.ResourceClosedError: This transaction is closed
   
   To reproduce the error either make the TokenSecurityManager class or add 
   ```
           gamma_role = self.find_role("Gamma")
           user = self.add_user(username="vadsvad",
                       email=u"t...@test.com",
                       first_name="fdasdf",
                       last_name="asdfdsafd",
                       role=gamma_role)
   ```
   at line 
https://github.com/apache/superset/blob/4f1996dba8e35ee958048b726750247ec8e518aa/superset/security/manager.py#L252
   
   The SecurityMangerClass:
   ```
   class TokenSecurityManager(SupersetSecurityManager):
   
       def __init__(self, appbuilder):
           super(TokenSecurityManager, self).__init__(appbuilder)
   
       def request_loader(self, request: Request) -> Optional[User]:
           # pylint: disable=import-outside-toplevel
           from superset.extensions import feature_flag_manager
   
           gamma_role = self.find_role("Gamma")
           user = self.add_user(username="vadsvad",
                       email=u"t...@test.com",
                       first_name="fdasdf",
                       last_name="asdfdsafd",
                       role=gamma_role)
           return None
   
       def add_user(
           self,
           username,
           first_name,
           last_name,
           email,
           role,
           hashed_password=""
       ):  
           """
               Generic function to create user
           """
           # try:
           user = self.user_model()
           user.first_name = first_name
           user.last_name = last_name
           user.username = username
           user.email = email
           user.active = True
           user.roles = [role]
           user.password = hashed_password
           self.get_session.add(user)
           self.get_session.commit()     <---------- error thrown on this line.
           return user
           # except Exception as e:
           #     self.get_session.rollback()
           #     return False
   ```
   I know this is more of a Flask AppBuilder issue but any assistance into 
where this transaction is being closed will be great.
   I could just create a new session engine + session as a workaround. I just 
don't understand how this doesn't work
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org
For additional commands, e-mail: notifications-h...@superset.apache.org