asdi744 opened a new issue #8460: superset cache ignoring "current_user_id()" being used in SQL queries URL: https://github.com/apache/incubator-superset/issues/8460 ### Expected results To show relevant data to currently logged in user, "current_user_id()" is being used in WHERE clause of SQL query. It should show data filtered by currently logged in user even if cache is used. ### Actual results It is showing results cached by the last logged in user from. #### How to reproduce the bug 1. Create a dashboard/slices using the "current_user_id()" in WHERE clause of the query. 2. Log in as User A, it shows result filtered for User A. 3. Log in as User B, it still shows result filtered for User A (from cache). ### Environment (please complete the following information): - superset version: `0.30.0` - python version: `3.6.8` ### Checklist Make sure these boxes are checked before submitting your issue - thank you! - [x] I have checked the superset logs for python stacktraces and included it here as text if there are any. - [x] I have reproduced the issue with at least the latest released version of superset. - [x] I have checked the issue tracker for the same issue and I haven't found one similar. ### Additional context Add any other context about the problem here. Logs: ------------------- Logged in as User A ------------------- 2019-10-28 15:30:24,549:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:24] "GET /login/ HTTP/1.1" 200 - 2019-10-28 15:30:50,381:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:50] "POST /login/ HTTP/1.1" 302 - 2019-10-28 15:30:50,397:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:50] "GET / HTTP/1.1" 302 - 2019-10-28 15:30:50,462:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:50] "GET /superset/welcome HTTP/1.1" 200 - 2019-10-28 15:30:50,602:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:50] "GET /superset/recent_activity/16/?limit=50 HTTP/1.1" 401 - 2019-10-28 15:30:50,618:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:50] "GET /superset/fave_slices/16/ HTTP/1.1" 401 - 2019-10-28 15:30:50,619:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:50] "GET /superset/fave_dashboards/16/ HTTP/1.1" 401 - 2019-10-28 15:30:50,716:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:50] "GET /dashboardasync/api/read?_oc_DashboardModelViewAsync=changed_on&_od_DashboardModelViewAsync=desc HTTP/1.1" 200 - 2019-10-28 15:30:58,157:INFO:root:Database.get_sqla_engine(). Masked URL: postgresql+psycopg2://XXXXXXXXX:XXXXXXXXXX@localhost:XXXX/XXXXXX 2019-10-28 15:30:58,159:INFO:root:Database.get_sqla_engine(). Masked URL: postgresql+psycopg2://XXXXXXXXX:XXXXXXXXXX@localhost:XXXX/XXXXXX 2019-10-28 15:30:58,221:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:58] "GET /superset/dashboard/superset-cache-test/ HTTP/1.1" 200 - 2019-10-28 15:30:58,657:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:58] "GET /superset/favstar/Dashboard/51/count HTTP/1.1" 308 - 2019-10-28 15:30:58,671:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:58] "GET /csstemplateasyncmodelview/api/read HTTP/1.1" 401 - 2019-10-28 15:30:58,692:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:58] "GET /superset/favstar/Dashboard/51/count/ HTTP/1.1" 401 - 2019-10-28 15:30:59,196:INFO:root:Cache key: 862c72a68170adca4ea48a48df000685 2019-10-28 15:30:59,204:INFO:root:Cache key: db13e84d6d9883b0655add7ce96da1ea 2019-10-28 15:30:59,206:INFO:root:Serving from cache 2019-10-28 15:30:59,212:INFO:root:Serving from cache 2019-10-28 15:30:59,218:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:59] "POST /superset/explore_json/?form_data=%7B%22slice_id%22%3A817%7D HTTP/1.1" 200 - 2019-10-28 15:30:59,227:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:30:59] "POST /superset/explore_json/?form_data=%7B%22slice_id%22%3A816%7D HTTP/1.1" 200 - 2019-10-28 15:31:00,441:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:00] "POST /superset/log/?explode=events&dashboard_id=51 HTTP/1.1" 200 - 2019-10-28 15:31:29,869:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:29] "GET /logout/ HTTP/1.1" 302 - 2019-10-28 15:31:29,884:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:29] "GET / HTTP/1.1" 302 - 2019-10-28 15:31:29,898:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:29] "GET /superset/welcome HTTP/1.1" 302 - ------------------- Logged in as User B ------------------- 2019-10-28 15:31:29,939:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:29] "GET /login/ HTTP/1.1" 200 - 2019-10-28 15:31:34,706:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:34] "POST /login/ HTTP/1.1" 302 - 2019-10-28 15:31:34,721:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:34] "GET / HTTP/1.1" 302 - 2019-10-28 15:31:34,785:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:34] "GET /superset/welcome HTTP/1.1" 200 - 2019-10-28 15:31:34,935:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:34] "GET /superset/recent_activity/60/?limit=50 HTTP/1.1" 401 - 2019-10-28 15:31:34,939:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:34] "GET /superset/fave_slices/60/ HTTP/1.1" 401 - 2019-10-28 15:31:34,940:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:34] "GET /superset/fave_dashboards/60/ HTTP/1.1" 401 - 2019-10-28 15:31:35,010:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:35] "GET /dashboardasync/api/read?_oc_DashboardModelViewAsync=changed_on&_od_DashboardModelViewAsync=desc HTTP/1.1" 200 - 2019-10-28 15:31:36,341:INFO:root:Database.get_sqla_engine(). Masked URL: postgresql+psycopg2://XXXXXXXXXXXXXXXXXXX@localhost:XXXX/XXXXXX 2019-10-28 15:31:36,343:INFO:root:Database.get_sqla_engine(). Masked URL: postgresql+psycopg2://XXXXXXXXXXXXXXXXXXX@localhost:XXXX/XXXXXX 2019-10-28 15:31:36,397:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:36] "GET /superset/dashboard/superset-cache-test/ HTTP/1.1" 200 - 2019-10-28 15:31:36,580:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:36] "GET /superset/favstar/Dashboard/51/count HTTP/1.1" 308 - 2019-10-28 15:31:36,591:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:36] "GET /csstemplateasyncmodelview/api/read HTTP/1.1" 401 - 2019-10-28 15:31:36,615:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:36] "GET /superset/favstar/Dashboard/51/count/ HTTP/1.1" 401 - 2019-10-28 15:31:37,112:INFO:root:Cache key: 862c72a68170adca4ea48a48df000685 2019-10-28 15:31:37,119:INFO:root:Serving from cache 2019-10-28 15:31:37,123:INFO:root:Cache key: db13e84d6d9883b0655add7ce96da1ea 2019-10-28 15:31:37,125:INFO:root:Serving from cache 2019-10-28 15:31:37,129:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:37] "POST /superset/explore_json/?form_data=%7B%22slice_id%22%3A817%7D HTTP/1.1" 200 - 2019-10-28 15:31:37,132:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:37] "POST /superset/explore_json/?form_data=%7B%22slice_id%22%3A816%7D HTTP/1.1" 200 - 2019-10-28 15:31:38,276:INFO:werkzeug:192.168.0.9 - - [28/Oct/2019 15:31:38] "POST /superset/log/?explode=events&dashboard_id=51 HTTP/1.1" 200 -
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
