Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(rbac): show objects accessible by database access perm #23118

Merged
merged 10 commits into from
Feb 24, 2023

Conversation

villebro
Copy link
Member

@villebro villebro commented Feb 19, 2023

SUMMARY

Currently giving a user "database access on ..." does indeed give access to all dashboards, charts and datasets on that database, but they don't show up on the list views. This fixes that. Other changes:

  • Similar logic existed in multiple places across the codebase, some of which were missing recently introduced permission logic. To DRY it up, we introduce a new util that generates the necessary filter clauses and use that in all places where we need to filter by accessible datasets.
  • The fairly recent PR fix: Allow dataset owners to see their datasets #20135 introduced logic to display datasets that the user owns. While it's important to show datasets that are owned, the logic introduced in that PR is no longer necessary after this change, as users will now see all owned datasets, as long as they can access them. Therefore the added logic is removed and the integration test is replaced by a test that ensures that the correct datasets are visible with the correct roles/perms.

TESTING INSTRUCTIONS

  1. Add a database "X"
  2. Create a role "Y" with the "database access on X" permission
  3. Add a dataset from the database, create a chart from it and also create + publish a dashboard from it.
  4. Create a user with roles "Gamma" and "Y"
  5. Login with that user and notice that the newly added dataset + chart + dashboard is now shown on the listview.

ADDITIONAL INFORMATION

  • Has associated issue: closes database access on [DATABASE] does not allow read data sources #20208
  • Required feature flags:
  • Changes UI
  • Includes DB Migration (follow approval process in SIP-59)
    • Migration is atomic, supports rollback & is backwards-compatible
    • Confirm DB migration upgrade and downgrade tested
    • Runtime estimates and downtime expectations provided
  • Introduces new feature or API
  • Removes existing feature or API

@codecov
Copy link

codecov bot commented Feb 19, 2023

Codecov Report

Merging #23118 (b5698b6) into master (95eb8d7) will decrease coverage by 11.27%.
The diff coverage is 53.12%.

❗ Current head b5698b6 differs from pull request most recent head a5abc24. Consider uploading reports for the commit a5abc24 to get more accurate results

@@             Coverage Diff             @@
##           master   #23118       +/-   ##
===========================================
- Coverage   67.45%   56.19%   -11.27%     
===========================================
  Files        1898     1899        +1     
  Lines       73111    73123       +12     
  Branches     7952     7952               
===========================================
- Hits        49320    41093     -8227     
- Misses      21755    29994     +8239     
  Partials     2036     2036               
Flag Coverage Δ
hive ?
mysql ?
postgres ?
presto 52.76% <53.12%> (+0.01%) ⬆️
python 58.96% <53.12%> (-23.37%) ⬇️
sqlite ?
unit 52.60% <53.12%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
superset/charts/filters.py 68.33% <42.85%> (-19.60%) ⬇️
superset/utils/filters.py 45.45% <45.45%> (ø)
superset/views/base.py 61.24% <50.00%> (-15.39%) ⬇️
superset/views/chart/filters.py 70.00% <50.00%> (-5.00%) ⬇️
superset/security/manager.py 62.46% <60.00%> (-33.47%) ⬇️
superset/dashboards/filters.py 52.68% <100.00%> (-40.87%) ⬇️
superset/utils/dashboard_import_export.py 0.00% <0.00%> (-100.00%) ⬇️
superset/tags/core.py 4.54% <0.00%> (-95.46%) ⬇️
superset/key_value/commands/update.py 0.00% <0.00%> (-90.91%) ⬇️
superset/key_value/commands/delete.py 0.00% <0.00%> (-87.88%) ⬇️
... and 296 more

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@pull-request-size pull-request-size bot added size/L and removed size/M labels Feb 20, 2023
@villebro villebro changed the title [WIP] fix(rbac): show objects accessible by database access perm fix(rbac): show objects accessible by database access perm Feb 20, 2023
Comment on lines +2277 to +2278
db.session.delete(new_dataset)
db.session.commit()
Copy link
Member Author

@villebro villebro Feb 20, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test didn't clean up after itself, causing the updated test to fail, hence the added cleanup here

Copy link
Member

@dpgaspar dpgaspar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is great, could be considered a breaking change, since all users with database access to X on SQLLab, will now have access to all dashboards/charts with datasets from that database.
Would be nice to have more tests asserting this change on charts and dashboards.

@villebro
Copy link
Member Author

This is great, could be considered a breaking change, since all users with database access to X on SQLLab, will now have access to all dashboards/charts with datasets from that database.
Would be nice to have more tests asserting this change on charts and dashboards.

In fact all users already had access to the underlying entities (datasets, charts and dashboards), they were just not showing up on the list views. So I rather consider this a fix, unless someone was relying on some items to be hidden but accessible.

Having said that, it does make sense to at least add a note to UPDATING.md. Do you think that would be sufficient? Or does this need to wait for 3.0 and be put behind a feature flag before then?

@dpgaspar
Copy link
Member

This is great, could be considered a breaking change, since all users with database access to X on SQLLab, will now have access to all dashboards/charts with datasets from that database.
Would be nice to have more tests asserting this change on charts and dashboards.

In fact all users already had access to the underlying entities (datasets, charts and dashboards), they were just not showing up on the list views. So I rather consider this a fix, unless someone was relying on some items to be hidden but accessible.

Having said that, it does make sense to at least add a note to UPDATING.md. Do you think that would be sufficient? Or does this need to wait for 3.0 and be put behind a feature flag before then?

I vote for just adding a note on UPDATING, but @eschutho should have a word here

@cccs-tom
Copy link
Contributor

Have we settled on the fact that this change is not breaking, @dpgaspar and @villebro? And if so could this be included in the 2.1.0 release, please @eschutho?

@eschutho
Copy link
Member

My vote would be that this isn't a breaking change. It seems like it would have been expected behavior that the crud view shows all objects that you have access to. @cccs-tom I already cut the 2.1 release, but I could cherry this in as a fix into a future rc if there is one.

@yousoph
Copy link
Member

yousoph commented Feb 23, 2023

/testenv up

@github-actions
Copy link
Contributor

@yousoph Ephemeral environment spinning up at http://34.222.99.39:8080. Credentials are admin/admin. Please allow several minutes for bootstrapping and startup.

@cccs-tom
Copy link
Contributor

Awesome, thank you @eschutho!

@villebro villebro added the v2.1 label Feb 23, 2023
@villebro
Copy link
Member Author

FYI, I tagged this with "v2.1", in case we end up doing 2.1.0rc2

@villebro villebro merged commit 89576f8 into apache:master Feb 24, 2023
@github-actions
Copy link
Contributor

Ephemeral environment shutdown and build artifacts deleted.

@villebro villebro deleted the villebro/database-access branch February 24, 2023 08:45
@villebro villebro mentioned this pull request Mar 1, 2023
9 tasks
lilykuang pushed a commit that referenced this pull request Mar 8, 2023
eschutho pushed a commit that referenced this pull request Mar 13, 2023
sebastiankruk added a commit to sebastiankruk/superset that referenced this pull request Mar 16, 2023
* feat: add ssh tunneling to dynamic form for Database Connection UI (apache#22689)

Co-authored-by: Antonio Rivero Martinez <38889534+Antonio-RiveroMartnez@users.noreply.github.com>
Co-authored-by: Antonio Rivero <antonioriverocode@gmail.com>
Co-authored-by: Elizabeth Thompson <eschutho@gmail.com>
Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>

* chore(dashboard): Log events for download as image (apache#22793)

* docs: link docker readme in docker config section (apache#22796)

* chore: Add explicit bidirectional performant relationships for SQLA model (apache#22413)

* fix: better logic to extract errors on databricks (apache#22792)

* fix(hive): Regression in apache#21794 (apache#22794)

* fix: Unexpected error on simple filter (apache#22814)

* feat(docker): Build multiple python version images (apache#22770)

Co-authored-by: Daniel Draper <daniel.draper@understand.ai>

* fix: allow CSV upload in Other db (apache#22807)

* chore: Convert direct uses of antd icons to 'Icons' component (apache#22516)

* fix(sqllab): type error on renderBigIntStr (apache#22813)

* chore: upgrade react-datetime, react-intersection-observer and react-checkbox-tree  (apache#22585)

* feat(helm): Add ability to customize affinity per deployment (apache#22827)

* chore(issue templates): discouraging Issues for feature requests (apache#22617)

* docs(alerts & reports): add, prune, reorganize (apache#20872)

* chore(tests): Streamline Cypress login to fix fails/flakes (apache#22844)

* feat: export/import `allow_dml` flag (apache#22806)

* chore: Migrate /superset/recent_activity/<user_id>/ to /api/v1/ (apache#22789)

* test: Fix act errors in DatasourceControl test (apache#22845)

* test: Fix act errors in DatabaseModal test (apache#22846)

* feat: Move cross filters to Dashboard (apache#22785)

* fix(cpq): Add `schema` to Query.data() payload (apache#22791)

* fix(Annotation Layers): Error when render options with renamed columns (apache#22453)

* build(deps-dev): bump @typescript-eslint/eslint-plugin from 5.48.2 to 5.49.0 in /superset-websocket (apache#22838)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(misc): Spelling (apache#19678)

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>

* build(deps): bump ua-parser-js from 0.7.31 to 0.7.33 in /docs (apache#22858)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(cache): update doc strings (apache#22865)

* chore: migrate react-diff-viewer to react-diff-viewer-continued for react 18 upgrade (apache#22834)

* chore: upgrade react-table for react 18 upgrade (apache#22780)

* chore: upgrade react-reverse-portal for react upgrade (apache#22779)

* chore: removing unnecessary double spaces, a.k.a. "shotgun holes" (apache#22852)

* fix: Convert TIMESTAMP_* to TIMESTAMP in Snowflake (apache#22872)

* fix(sqllab): reverts apache#22695 (apache#22861)

* feat(ssh_tunnel): Add feature flag to SSH Tunnel API (apache#22805)

* fix: revert RESTful apis and react view for RLS (apache#22818)

* chore: deprecate /superset/slice_json/<int:slice_id> and /superset/annotation_json/<int:layer_id> (apache#22496)

* chore: add statsd support to base API and refactor (apache#22887)

* chore: Migrate /superset/queries/<last_updated_ms> to API v1 (apache#22611)

* docs: add Skyscanner to users list (apache#22888)

Co-authored-by: Calum <calum.leslie@skyscanner.net>

* feat: Add excel export (apache#22006)

Co-authored-by: Igor Șincariov <igorsinc@pm.me>
Co-authored-by: EugeneTorap <evgenykrutpro@gmail.com>

* build(deps): bump moment from 2.29.2 to 2.29.4 in /docs (apache#22891)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump underscore from 1.12.0 to 1.12.1 in /superset-frontend (apache#22892)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: deprecate /superset/filter/... endpoint, migrate to apiv1 (apache#22882)

* fix: bump isort to fix pre-commit CI (apache#22907)

* chore: migrate /sql_json and /results to apiv1 (apache#22809)

* chore: Localization of superset pt. 2 (apache#22772)

* fix: edit pyarrow stringify to better handle emojis and accents (apache#22881)

* fix(sqllab): inconsistent addNewQueryEditor behavior (apache#21999)

* fix(i18n): greatly optimize Chinese translation (apache#22036)

* chore: skip puppeteer chromium download (apache#22623)

* fix(dependency): update cryptography import (apache#22744)

Co-authored-by: Daniel Draper <daniel.draper@understand.ai>

* feat: add pyproject.toml file to project (apache#20291)

* chore(db_engine_specs): clean up column spec logic and add tests (apache#22871)

* feat: Adds the ECharts Sunburst chart (apache#22833)

* fix: Time range filter applied on a dashboard is not persisting to the chart explore (apache#22920)

* fix(fab): Fix regression on FAB dropdowns (apache#22889)

* chore: migrate @vx/responsive to @visx/responsive for react 18 upgrade (apache#22815)

* fix: fix warning in ssh tunnel (apache#22912)

* chore: upgrade packages for react v17 upgrade (apache#22914)

* chore: upgrade react-router-dom to 5.3.4 (apache#22878)

* build(deps-dev): bump eslint from 8.32.0 to 8.33.0 in /superset-websocket (apache#22902)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(helm): Make Chart.AppVersion default value for image tag (apache#22854)

* chore: Migrate /superset/tables/* to API v1 (apache#22501)

* fix(native-filters): Ensure that time range filter loses focus after closing modal (apache#22937)

* fix: Remove button is broken for metrics on Explore (apache#22940)

* feat: Enable new dataset creation flow II (apache#22835)

* fix(datasets): Fix property selection on JSON response (apache#22944)

* fix: Improve performance of CSV download (apache#22929)

* test: Clean up AdhocFilterOption test warnings (apache#22915)

* chore: Bump Flask-AppBuilder constraints (apache#22927)

* chore(welcome): change default last tab to "all" (apache#22798)

* fix(explore): Time comparison in Mixed Chart in GENERIC_CHART_AXES not working (apache#22945)

* chore(superset-ui-chart-controls): refactor pivot and rename operator (apache#22963)

* build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 in /superset-frontend (apache#22958)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(explore): unable to update linked charts (apache#22896)

* chore(frontend): Spelling (apache#19676)

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>

* chore: add waitress for win32 platform (apache#22935)

* fix(datasets): Include expression and description in duplicated dataset columns (apache#22943)

* feat: add tabs to edit dataset page (apache#22043)

Co-authored-by: AAfghahi <48933336+AAfghahi@users.noreply.github.com>
Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>
Co-authored-by: lyndsiWilliams <kcatgirl@gmail.com>

* docs: add Caizin to the user list (apache#22961)

* test: Fix act errors in DatabaseList test (apache#22970)

* test: Clean up QueryList test warnings (apache#22972)

* fix(native-filters): Don't include description icon in truncation calc (apache#22941)

* fix: Prevents last temporal filter removal (apache#22982)

* fix(explore): Mark time range dashboard filter with warning icon (apache#22984)

* docs(alerts & reports): clarify nature of "-dev" labeled container images (apache#22988)

* chore: bump python version to 3.8.16 in Dockerfile (apache#22934)

* fix: Form data was not being passed to save/update slice (apache#22989)

* feat(ssh_tunnel): SSH Tunnel Switch extension (apache#22967)

* chore: Fix grammar (apache#22831)

* docs: added Orange inside the inthewild.md doc (apache#22986)

* fix: add new config to allow for specific import data urls (apache#22942)

* build(deps): bump pre-commit from 2.20.0 to 3.0.4 in /requirements (apache#22996)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(explore): Save button incorrectly disabled when adding new metric with dnd (apache#23000)

* build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 in /docs (apache#22956)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: Make cte_alias a property of db engine spec (apache#22947)

* fix(migrations): Flask-Migrate output is not logged during alembic migrations apache#17991 (apache#22991)

* fix(dashboard): export & import chart description and certification details (apache#22471)

* chore: updating link to sandbox.js (apache#23005)

* fix(sqllab): clean unwanted scrollbar (apache#22990)

* chore: Localization of superset pt. 3 (apache#22938)

Co-authored-by: Evan Rusackas <evan@preset.io>

* chore(deps): bump ajv and react-jsonschema-form in /superset-frontend (apache#21809)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump eslint-config-prettier from 7.2.0 to 8.6.0 in /superset-websocket (apache#22767)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 in /superset-frontend/cypress-base (apache#22955)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.11.13 to 18.11.19 in /superset-websocket (apache#22997)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(datasets): Populate Usage tab in Edit Dataset view (apache#22670)

* build(deps-dev): bump @typescript-eslint/parser from 5.48.1 to 5.51.0 in /superset-websocket (apache#23013)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump typescript from 4.9.4 to 4.9.5 in /superset-websocket (apache#22933)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(tests): Cypress optimizations to help with fails (apache#23023)

* chore: refactor SliceAdder for react 17 and react 18 (apache#23009)

* fix(explore): Enable saving metric after changing title (apache#23020)

* fix: dataset import error message (apache#23025)

* fix(ssh_tunnel): Fix bug on database edition for databases with ssh tunnels (apache#23006)

Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>

* fix: Handles disabled options on Select All (apache#22830)

* fix(dashboard): Stop updating chart owners for charts removed from dashboard (apache#21720)

Co-authored-by: Michael S. Molina <michael.s.molina@gmail.com>

* docs(teradata): fix connection string (apache#23051)

* fix: Time Column on Generic X-axis (apache#23021)

* fix: Menu items are not disappearing when deleting a dashboard (apache#23039)

* fix(i18n): improve Russian translation (apache#22939)

* fix(sqllab): Invalid schema fetch by deprecated value (apache#22968)

* chore: Removes icon warnings from tests (apache#23054)

* feat(sqllab): Add event logger (apache#23040)

* chore(datasets): Refactor DatasetDAO update to leverage bulk logic for create, update, and delete operations (apache#22957)

* chore: remove db_engines (apache#22444)

* feat(helm): allow persisting nodePort for services (apache#22713)

Signed-off-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>
Co-authored-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>

* build(deps-dev): bump @typescript-eslint/eslint-plugin from 5.49.0 to 5.52.0 in /superset-websocket (apache#23073)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump hot-shots from 9.3.0 to 10.0.0 in /superset-websocket (apache#23031)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump prettier from 2.8.3 to 2.8.4 in /superset-websocket (apache#23030)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.11.19 to 18.13.0 in /superset-websocket (apache#23029)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: cache warmup solution non legacy charts. (apache#23012)

* docs: remove duplicate navbar item (apache#22486)

Signed-off-by: tison <wander4096@gmail.com>

* chore: Migrate get_or_create_table endpoint to api v1 (apache#22931)

* chore: Migrate /superset/csv/<client_id> to API v1 (apache#22913)

* fix: css template permissions for gamma role (apache#23083)

* build(deps): bump ws from 8.12.0 to 8.12.1 in /superset-websocket (apache#23080)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump eslint from 8.33.0 to 8.34.0 in /superset-websocket (apache#23079)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(style): make brand icon max width customizable (apache#23081)

* chore: Remove dependency warnings from SqlEditorLeftBar/index.tsx (apache#22975)

* chore: Remove dependency warnings from SqlEditor/index.jsx (apache#22974)

* chore: Remove dependency warnings from DatasetList.tsx (apache#22973)

* test: Convert DatasetList test from jsx to tsx (apache#22971)

* test: Clean up SelectAsyncControl test warnings (apache#22969)

* chore: move dashboard screenshot standalone logic (apache#23003)

* fix: dict bug on QueryContextFactory (apache#23093)

Co-authored-by: ok9897 <ok9897@krafton.com>

* chore: Improve greeting message (apache#23077)

* chore: Updating connection URI for MS SQL Server (apache#22903)

Co-authored-by: Evan Rusackas <evan@preset.io>

* chore: increment statsd as warn (apache#23041)

* fix: removing pyproject.toml (apache#23101)

* chore: change AlertQueryError to 400 (apache#23102)

* fix: missing __init__ on module sqllab commands (apache#23107)

* #21 preparing for linux deployment

* chore(backend): Spelling (apache#19677)

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Evan Rusackas <evan@preset.io>

* chore: Remove yarn.lock from the root folder (apache#23108)

* chore(sqla): Address performance tradeoff with eager loading (apache#23113)

* fix(ci): explicity set yaml Loader (apache#23126)

* fix: Validate jinja rendered query (apache#22851)

* fix: reorganize role permissions (apache#23096)

* fix: gamma sql_json test (apache#23135)

* fix(dashboard): Chart's empty state not centered (apache#23022)

* feat: Frontend tagging (apache#20876)

Co-authored-by: cccs-nik <68961854+cccs-nik@users.noreply.github.com>
Co-authored-by: GITHUB_USERNAME <EMAIL>

* feat: return UUID on database creation (apache#23143)

* chore: Add docs for ssh tunneling (apache#23131)

Co-authored-by: Beto Dealmeida <roberto@dealmeida.net>

* feat: Enable cross fitlers in WorldMap and Graph charts (apache#22886)

* chore: Bump cryptography to 39.0.1 (apache#23158)

* feat(dashboard): Add cross filter from context menu (apache#23141)

* chore: revert "feat(native_filter_migration): add transition mode (apache#16992)" (apache#23144)

* build: Add helm chart option to deploy sidecars with node and worker (apache#23160)

* fix(rbac): show objects accessible by database access perm (apache#23118)

* fix: bump FAB to 4.3.0 (apache#23184)

* fix(clickhouse): add clickhouse connect driver (apache#23185)

* fix(clickhouse): add missing default format (apache#23192)

* feat(ssh_tunnel): Import/Export Databases with SSHTunnel credentials (apache#23099)

* chore: refactor SparklineCell for react 17 and react 18 upgrade (apache#23145)

* fix(ssh_tunnel): Display SSHTunnel Switch when editing a DB that was created with the Dynamic Form (apache#23195)

* fix(sshtunnel): argument params to properly setting `server_port` (apache#23196)

* fix(ssh-tunnel): add password to `from_private_key` function (apache#23175)

* fix: Pagination of VirtualTable (apache#23130)

* fix(dashboard): Focusing charts and native filters from filters badge (apache#23190)

* fix(docs): Change postgres to postgresql in brew install command (apache#23202)

* build(deps-dev): bump @typescript-eslint/parser from 5.51.0 to 5.53.0 in /superset-websocket (apache#23133)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.13.0 to 18.14.1 in /superset-websocket (apache#23180)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* test: Remove test playgrounds (apache#23203)

* build(deps-dev): bump @typescript-eslint/eslint-plugin from 5.52.0 to 5.53.0 in /superset-websocket (apache#23132)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump express and @applitools/eyes-cypress in /superset-frontend/cypress-base (apache#22342)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs: fix typo (apache#23207)

* feat: Cross Filters in FilterBar (apache#23138)

Co-authored-by: Kamil Gabryjelski <kamil.gabryjelski@gmail.com>

* fix(dashboard): Page crashing when cross filter applied on adhoc column (apache#23215)

* fix: memoized decorator memory leak (apache#23139)

* build(deps-dev): bump @types/uuid from 9.0.0 to 9.0.1 in /superset-websocket (apache#23152)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump eslint from 8.34.0 to 8.35.0 in /superset-websocket (apache#23211)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: adding code owners for github actions/workflows (apache#23201)

* build(deps): bump ua-parser-js from 0.7.28 to 0.7.33 in /superset-frontend (apache#22859)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump pre-commit from 3.0.4 to 3.1.0 in /requirements (apache#23168)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: add disallowed query params for engines specs (apache#23217)

Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>

* chore: Add statsd logger for ssh tunneling creation (apache#23225)

* fix(dashboard): Don't show cross filters checkbox to users without write permissions (apache#23237)

* docs: update installation docs to include frontend asset build (apache#23199)

* build(deps): bump pip-compile-multi from 2.6.1 to 2.6.2 in /requirements (apache#23122)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(dashboard): Cross-filters not working properly for new dashboards (apache#23194)

* fix: refuse to start with default secret on non debug envs (apache#23186)

* fix(dao): use explicit id filter (apache#23246)

* fix(explore): Dashboard filters on adhoc cols not working in Explore (apache#23239)

* refactor: Organizes the pages in their own folder (apache#23241)

* fix: Video Game Sales dashboard default filters (apache#23242)

* chore: Deprecate show_native_filters (apache#23228)

* chore: Remove the ability to add filter-box charts when DASHBOARD_NATIVE_FILTERS feature is enabled (apache#23142)

* fix(dashboard): Cross-filter search icon in filter bar (apache#23250)

* chore(webdriver): Tuning the Webdriver logging a bit (apache#23255)

* fix: customize tab on heatmap chart is blank (apache#23243)

* fix(dashboard): Missing filter card styles (apache#23256)

* fix: ignore ts warnings from older typescript versions (apache#23262)

* chore(cache): Tuning logging in cache manager (apache#23266)

* fix(dashboard): Charts crashing when cross filter on adhoc column is applied (apache#23238)

Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>

* fix(plugin-chart-echarts): render horizontal categories from top (apache#23273)

* feat(generic-x-axis): add x sorting on series limit metric (apache#23274)

* fix(dashboard): Allow selecting text in cells in Table and PivotTable without triggering cross filters (apache#23283)

* fix(migration): Address issue in apache#23228 (apache#23276)

* chore(dashboard): Cleanup example dashboard filter scopes (apache#23260)

* fix(dashboard): Infinite load when filter with default first value is out of scope (apache#23299)

* fix(clickhouse):  Update to working clickhouse-connect version (apache#23296)

* chore: upgrade @ant-design/icons for react upgrade (apache#22890)

* docs: typo 'admnistrators' in security.mdx (apache#23166)

* build(deps-dev): bump eslint-config-prettier from 8.6.0 to 8.7.0 in /superset-websocket (apache#23292)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.14.1 to 18.14.6 in /superset-websocket (apache#23281)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: bump docusaurus to latest stable (apache#23317)

* docs: add lost _filters param docs (apache#23316)

* feat(docs): adds BugHerd to documentation site. (apache#23287)

* chore: log different selenium timeout errors differently (apache#23290)

* docs: improve API v1 migration documentation (apache#23298)

* docs(alerts and reports): Update ExecutorType class (apache#23323)

* build(deps-dev): bump @typescript-eslint/parser from 5.53.0 to 5.54.1 in /superset-websocket (apache#23294)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(dashboard): Refactor FiltersBadge (apache#23286)

* chore: use util test env for init check (apache#23325)

* fix(trino): normalize non-iso timestamps (apache#23339)

* fix(dashboard): Cross filters with time shifted series (apache#23347)

* feat(dashboard): Change default opacity of icon in FiltersBadge (apache#23350)

* fix: dashboard DAO small code improvement (apache#23348)

* chore: Remove Cross Filter scoping modal (apache#23216)

* fix(dashboard): deepmerge htmlSchemaOverrides (apache#23329)

* fix(trino): Disallow alias to source column (apache#23324)

* fix(examples): Cleanup granularity_sqla column (apache#23322)

* fix(sqllab): empty large query results from localStorage (apache#23302)

* chore: Update pre-commit packages (apache#23173)

* fix(safari): remove autocomplete in table select (apache#23361)

* fix(chart-controls): Error if x_axis_sort and timeseries_limit_metric are included in main metrics (apache#23365)

* feat(native-filters): allow cascading from time and numeric filters (apache#23319)

* build(deps-dev): bump @types/node from 18.14.6 to 18.15.3 in /superset-websocket (apache#23360)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(native-filters): Caching scope (apache#23314)

* #56 sync to fix security issues

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Signed-off-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>
Signed-off-by: tison <wander4096@gmail.com>
Co-authored-by: Hugh A. Miles II <hughmil3s@gmail.com>
Co-authored-by: Antonio Rivero Martinez <38889534+Antonio-RiveroMartnez@users.noreply.github.com>
Co-authored-by: Antonio Rivero <antonioriverocode@gmail.com>
Co-authored-by: Elizabeth Thompson <eschutho@gmail.com>
Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>
Co-authored-by: JUST.in DO IT <justin.park@airbnb.com>
Co-authored-by: ʈᵃᵢ <tdupreetan@gmail.com>
Co-authored-by: John Bodley <4567245+john-bodley@users.noreply.github.com>
Co-authored-by: Michael S. Molina <70410625+michael-s-molina@users.noreply.github.com>
Co-authored-by: Daniel Draper <Germandrummer92@gmail.com>
Co-authored-by: Daniel Draper <daniel.draper@understand.ai>
Co-authored-by: Beto Dealmeida <roberto@dealmeida.net>
Co-authored-by: Cody Leff <cody@preset.io>
Co-authored-by: Lily Kuang <lily@preset.io>
Co-authored-by: Sergey Shevchenko <sergeyshevchdevelop@gmail.com>
Co-authored-by: Evan Rusackas <evan@preset.io>
Co-authored-by: Sam Firke <sfirke@users.noreply.github.com>
Co-authored-by: Jack Fragassi <jfragassi98@gmail.com>
Co-authored-by: Geido <60598000+geido@users.noreply.github.com>
Co-authored-by: Stepan <66589759+Always-prog@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Cemre Mengu <cemremengu@gmail.com>
Co-authored-by: Mayur <mayurnewase111@gmail.com>
Co-authored-by: Diego Medina <diegomedina24@gmail.com>
Co-authored-by: Daniel Vaz Gaspar <danielvazgaspar@gmail.com>
Co-authored-by: cleslie <cjaleslie@gmail.com>
Co-authored-by: Calum <calum.leslie@skyscanner.net>
Co-authored-by: Igor Șincariov <102555782+igorsinc@users.noreply.github.com>
Co-authored-by: Igor Șincariov <igorsinc@pm.me>
Co-authored-by: EugeneTorap <evgenykrutpro@gmail.com>
Co-authored-by: Artem Shumeiko <53895552+artemonsh@users.noreply.github.com>
Co-authored-by: 王一川 <wj2247689442@gmail.com>
Co-authored-by: nisheldo <njsheldon@me.com>
Co-authored-by: Leo Schick <67712864+leo-schick@users.noreply.github.com>
Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>
Co-authored-by: Arash Afghahi <48933336+AAfghahi@users.noreply.github.com>
Co-authored-by: Denis Krivenko <dnskrv88@gmail.com>
Co-authored-by: Kamil Gabryjelski <kamil.gabryjelski@gmail.com>
Co-authored-by: Erik Ritter <erik.ritter@airbnb.com>
Co-authored-by: Phillip Kelley-Dotson <pkelleydotson@yahoo.com>
Co-authored-by: lyndsiWilliams <kcatgirl@gmail.com>
Co-authored-by: tejaskatariya <42517374+tejaskatariya@users.noreply.github.com>
Co-authored-by: Adrian <icsu@users.noreply.github.com>
Co-authored-by: alexclavel-ocient <111374753+alexclavel-ocient@users.noreply.github.com>
Co-authored-by: Trey Gilliland <treygilliland3@gmail.com>
Co-authored-by: Michael S. Molina <michael.s.molina@gmail.com>
Co-authored-by: Rajan Gupta <rajan0493@gmail.com>
Co-authored-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>
Co-authored-by: Dheeraj Jaiswal <118437694+dheeraj-jaiswal-lowes@users.noreply.github.com>
Co-authored-by: tison <wander4096@gmail.com>
Co-authored-by: Changhoon Oh <81631424+okayhooni@users.noreply.github.com>
Co-authored-by: ok9897 <ok9897@krafton.com>
Co-authored-by: kuruv <kuruv@users.noreply.github.com>
Co-authored-by: Zef Lin <zef@preset.io>
Co-authored-by: cccs-RyanK <102618419+cccs-RyanK@users.noreply.github.com>
Co-authored-by: cccs-nik <68961854+cccs-nik@users.noreply.github.com>
Co-authored-by: mkramer5454 <52328004+mkramer5454@users.noreply.github.com>
Co-authored-by: Vivek Kumar <49686162+vivekDebugs@users.noreply.github.com>
Co-authored-by: Craig Rueda <craig@craigrueda.com>
Co-authored-by: Geoff Genz <geoff@clickhouse.com>
Co-authored-by: Cameron Gregor <cgregor@securecodewarrior.com>
Co-authored-by: Íñigo Álvaro Sáenz <i.saenz@stuart.com>
@mistercrunch mistercrunch added 🍒 2.1.0 🍒 2.1.1 🍒 2.1.2 🍒 2.1.3 🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels 🚢 3.0.0 and removed 🚢 3.0.2 labels Mar 13, 2024
@dosubot dosubot bot mentioned this pull request May 29, 2024
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels size/L v2.1 🍒 2.1.0 🍒 2.1.1 🍒 2.1.2 🍒 2.1.3 🚢 3.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

database access on [DATABASE] does not allow read data sources
7 participants