villebro commented on a change in pull request #12680:
URL: https://github.com/apache/superset/pull/12680#discussion_r566112472
##########
File path: superset/views/dashboard/mixin.py
##########
@@ -62,6 +63,10 @@ class DashboardMixin: # pylint:
disable=too-few-public-methods
"want to alter specific parameters."
),
"owners": _("Owners is a list of users who can alter the dashboard."),
+ "roles": _(
+ "Roles is a list which defines access to the dashboard. if list is
"
+ "empty access is managed by the data access level."
Review comment:
Would be good to explain that these roles are always applied in addition
to data access level, with the exception of no roles which makes the dashboard
available to all roles.
##########
File path: tests/base_tests.py
##########
@@ -289,19 +294,39 @@ def get_access_requests(self, username, ds_type, ds_id):
def logout(self):
self.client.get("/logout/", follow_redirects=True)
+ def grant_access_to_dashboard(self, dashboard, role_name="Public"):
+ role = security_manager.find_role(role_name)
+ dashboard.roles.append(role)
+ db.session.merge(dashboard)
+ db.session.commit()
+
+ def revoke_access_to_dashboard(self, dashboard, role_name="Public"):
Review comment:
same here
##########
File path: tests/dashboards/base_case.py
##########
@@ -0,0 +1,114 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+import json
+from typing import Any, Dict, Union
+
+import prison
+from flask import Response
+
+from superset import app, security_manager
+from tests.base_tests import SupersetTestCase
+from tests.dashboards.consts import *
+from tests.dashboards.dashboard_test_utils import build_save_dash_parts
+from tests.dashboards.superset_factory_util import delete_all_inserted_objects
+
+
+class DashboardTestCase(SupersetTestCase):
Review comment:
General comment: we should preferably not be introducing new class-based
tests, but rather use functional `pytest` based tests. Check
`tests/alerts_tests.py` for an example. Given that this is so far along in the
making this is probably fine, but if it's possible to convert to proper
`pytest` that would be awesome.
##########
File path: tests/base_tests.py
##########
@@ -289,19 +294,39 @@ def get_access_requests(self, username, ds_type, ds_id):
def logout(self):
self.client.get("/logout/", follow_redirects=True)
+ def grant_access_to_dashboard(self, dashboard, role_name="Public"):
Review comment:
Let's make `role_name` mandatory, using the default will cause confusion
down the line.
##########
File path: tests/dashboard_tests.py
##########
@@ -453,24 +453,6 @@ def test_only_owners_can_save(self):
db.session.commit()
self.test_save_dash("alpha")
- def test_owners_can_view_empty_dashboard(self):
- dash =
db.session.query(Dashboard).filter_by(slug="empty_dashboard").first()
- if not dash:
- dash = Dashboard()
- dash.dashboard_title = "Empty Dashboard"
- dash.slug = "empty_dashboard"
- else:
- dash.slices = []
- dash.owners = []
- db.session.merge(dash)
- db.session.commit()
-
- gamma_user = security_manager.find_user("gamma")
- self.login(gamma_user.username)
-
- resp = self.get_resp("/api/v1/dashboard/")
- self.assertNotIn("/superset/dashboard/empty_dashboard/", resp)
-
Review comment:
Why was this removed? Update: it seems this was moved to
`tests/dashboards/security` - never mind
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
