toniphan21 opened a new pull request, #28357: URL: https://github.com/apache/superset/pull/28357
### SUMMARY When a user has no admin access and is trying to run a query in SQL Lab, Superset needs to check: - Database access - Schema access - Data source access - To be able to check schema access, Superset needs to know which table the user is trying to execute on and use `extract_tables_from_jinja_sql()` to get it. There are 2 ways to extract table set: - Extract any tables referenced within the confines of specific Jinja macros. - Parse SQL and get table. In the line I changed, there is simply a bug that uses `template` which has type Template. The correct one should be `sql`, which is a string sent by the user. ### TESTING INSTRUCTIONS Reproduce steps: 1. Create a new user 2. Create a role with permission: "schema access on [examples].[main]" 3. Assign the user to the role and "sql_lab" role 4. Log in with the new user and go to SQL Lab. 5. Write a simple query and execute it. You will see that the `/api/v1/sqllab/execute/` endpoint returns 500 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
