dpgaspar commented on code in PR #21515:
URL: https://github.com/apache/superset/pull/21515#discussion_r978718642
##########
superset/views/filters.py:
##########
@@ -48,3 +52,31 @@ def apply(self, query: Query, value: Optional[Any]) -> Query:
user_model.username.ilike(like_value),
)
)
+
+
+class BaseFilterRelatedUsers(BaseFilter): # pylint:
disable=too-few-public-methods
+
+ """
+ Filter to apply on related users. Will exclude users in
EXCLUDE_USERS_FROM_LISTS
+
+ Use in the api by adding something like:
+ ```
+ filter_rel_fields = {
+ "owners": [["id", BaseFilterRelatedUsers, lambda: []]],
+ "created_by": [["id", BaseFilterRelatedUsers, lambda: []]],
+ }
+ ```
+ """
+
+ name = lazy_gettext("username")
+ arg_name = "username"
+
+ def apply(self, query: Query, value: Optional[Any]) -> Query:
+ user_model = security_manager.user_model
+ exclude_users = (
+ security_manager.get_exclude_users_from_lists()
+ if current_app.config["EXCLUDE_USERS_FROM_LISTS"] is None
+ else current_app.config["EXCLUDE_USERS_FROM_LISTS"]
Review Comment:
Overriding the method makes it possibly more dynamic and the existing config
key makes it easier to discover the functionality itself.
I understand yet another config setting, but relying on configuration hidden
behind overriding a method on security manager is harder to discover and forces
users to override the security manager (they may have not done it)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
