feat: Drill ODBC/JDBC Impersonation feature (#17353)
* Added Drill ODBC Impersonation feature and necessary translations/docs * Code Cleanup * add jdbc impersonation_target parameter * add unittests for DrillEngineSpec.modify_url_for_impersonation method * reformat test_drill.py with black formatter * run pre-commit locally Co-authored-by: Christian Pfarr <Christian.Pfarr@deutschebahn.com> Co-authored-by: Christian Pfarr <z0ltrix+gitlab@pm.me>
This commit is contained in:
Christian Pfarr
GitHub
parent
7d22c9ce17
commit
333b1371f7
|
|
@ -2722,7 +2722,7 @@
|
|||
"type": "string"
|
||||
},
|
||||
"impersonate_user": {
|
||||
"description": "If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.",
|
||||
"description": "If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"parameters": {
|
||||
|
|
@ -2816,7 +2816,7 @@
|
|||
"type": "string"
|
||||
},
|
||||
"impersonate_user": {
|
||||
"description": "If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.",
|
||||
"description": "If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"parameters": {
|
||||
|
|
@ -2866,7 +2866,7 @@
|
|||
"type": "string"
|
||||
},
|
||||
"impersonate_user": {
|
||||
"description": "If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.",
|
||||
"description": "If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"parameters": {
|
||||
|
|
@ -2914,7 +2914,7 @@
|
|||
"type": "string"
|
||||
},
|
||||
"impersonate_user": {
|
||||
"description": "If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.",
|
||||
"description": "If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"parameters": {
|
||||
|
|
|
|||
|
|
@ -393,7 +393,7 @@ const ExtraOptions = ({
|
|||
checked={!!db?.impersonate_user}
|
||||
onChange={onInputChange}
|
||||
labelText={t(
|
||||
'Impersonate logged in user (Presto, Trino, Hive, and GSheets)',
|
||||
'Impersonate logged in user (Presto, Trino, Drill, Hive, and GSheets)',
|
||||
)}
|
||||
/>
|
||||
<InfoTooltip
|
||||
|
|
|
|||
|
|
@ -68,3 +68,21 @@ class DrillEngineSpec(BaseEngineSpec):
|
|||
def adjust_database_uri(cls, uri: URL, selected_schema: Optional[str]) -> None:
|
||||
if selected_schema:
|
||||
uri.database = parse.quote(selected_schema, safe="")
|
||||
|
||||
@classmethod
|
||||
def modify_url_for_impersonation(
|
||||
cls, url: URL, impersonate_user: bool, username: Optional[str]
|
||||
) -> None:
|
||||
"""
|
||||
Modify the SQL Alchemy URL object with the user to impersonate if applicable.
|
||||
:param url: SQLAlchemy URL object
|
||||
:param impersonate_user: Flag indicating if impersonation is enabled
|
||||
:param username: Effective username
|
||||
"""
|
||||
if impersonate_user and username is not None:
|
||||
if url.drivername == "drill+odbc":
|
||||
url.query["DelegationUID"] = username
|
||||
elif url.drivername == "drill+jdbc":
|
||||
url.query["impersonation_target"] = username
|
||||
else:
|
||||
url.username = username
|
||||
|
|
|
|||
|
|
@ -853,7 +853,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
""
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -2001,8 +2001,8 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
""
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [""],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [""],
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow data upload": [""],
|
||||
|
|
|
|||
|
|
@ -7282,7 +7282,7 @@ msgid ""
|
|||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:608
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:610
|
||||
|
|
|
|||
|
|
@ -793,7 +793,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
""
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -1907,8 +1907,8 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
""
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [""],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [""],
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow data upload": [""],
|
||||
|
|
|
|||
|
|
@ -7281,7 +7281,7 @@ msgid ""
|
|||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:608
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:610
|
||||
|
|
|
|||
|
|
@ -936,7 +936,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
"Cuando se permite la opción CREATE TABLE AS en el laboratorio SQL, esta opción hace que la tabla se cree en este esquema"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -2166,8 +2166,8 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
""
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [""],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [""],
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow data upload": [""],
|
||||
|
|
|
|||
|
|
@ -7369,7 +7369,7 @@ msgid ""
|
|||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:608
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:610
|
||||
|
|
|
|||
|
|
@ -994,7 +994,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
"Quand l'option autoriser CREATE TABLE AS dans SQL Lab est cochée, force la table a être créée dans le schéma"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Si Presto, toutes les requêtes dans SQL Lab sont en cours d'exécution sous le compte de l'utilisateur actuellement connecté qui doit avoir les premissions requises.<br/>Si Hive et hive.server2.enable.doAs sont activés, les requêtes seront exécutées sous le compte du service, mais impersonnifiant l'utilisateur actuellement connecté via la propriété hive.server2.proxy.user."
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -2288,10 +2288,10 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
""
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [
|
||||
"Impersonnaliser la connexion de l'utilisateur"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Si Presto, toutes les requêtes dans SQL Lab sont en cours d'exécution sous le compte de l'utilisateur actuellement connecté qui doit avoir les premissions requises.<br/>Si Hive et hive.server2.enable.doAs sont activés, les requêtes seront exécutées sous le compte du service, mais impersonnifiant l'utilisateur actuellement connecté via la propriété hive.server2.proxy.user."
|
||||
],
|
||||
"Allow data upload": [""],
|
||||
|
|
|
|||
|
|
@ -7456,7 +7456,7 @@ msgid ""
|
|||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:608
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr "Impersonnaliser la connexion de l'utilisateur"
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:610
|
||||
|
|
|
|||
|
|
@ -860,7 +860,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
"Se si abilita l'opzione CREATE TABLE AS in SQL Lab, verrà forzata la creazione della tabella con questo schema"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -2038,8 +2038,8 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
""
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [""],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [""],
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow data upload": [""],
|
||||
|
|
|
|||
|
|
@ -7330,7 +7330,7 @@ msgid ""
|
|||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:608
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:610
|
||||
|
|
|
|||
|
|
@ -1094,7 +1094,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
""
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -2396,8 +2396,8 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
""
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [""],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [""],
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow data upload": [""],
|
||||
|
|
|
|||
|
|
@ -8008,7 +8008,7 @@ msgid ""
|
|||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:570
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:573
|
||||
|
|
|
|||
|
|
@ -901,7 +901,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
""
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -2093,8 +2093,8 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
""
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [""],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [""],
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
""
|
||||
],
|
||||
"Allow data upload": [""],
|
||||
|
|
|
|||
|
|
@ -7789,7 +7789,7 @@ msgid ""
|
|||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:591
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:593
|
||||
|
|
|
|||
|
|
@ -8008,7 +8008,7 @@ msgid ""
|
|||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:570
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:573
|
||||
|
|
|
|||
|
|
@ -928,7 +928,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
"Ao permitir a opção CREATE TABLE AS no SQL Lab, esta opção força a tabela a ser criada neste esquema"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Se Presto, todas as consultas no SQL Lab serão executadas como o utilizador atualmente conectado que deve ter permissão para as executar. <br/> Se hive e hive.server2.enable.doAs estiver habilitado, serão executadas as queries como conta de serviço, mas deve personificar o utilizador atualmente conectado recorrendo à propriedade hive.server2.proxy.user."
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -2184,10 +2184,10 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
""
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [
|
||||
"Personificar o utilizador conectado"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Se Presto, todas as consultas no SQL Lab serão executadas como o utilizador atualmente conectado que deve ter permissão para as executar. <br/> Se hive e hive.server2.enable.doAs estiver habilitado, serão executadas as queries como conta de serviço, mas deve personificar o utilizador atualmente conectado recorrendo à propriedade hive.server2.proxy.user."
|
||||
],
|
||||
"Allow Data Upload": [""],
|
||||
|
|
|
|||
|
|
@ -7331,7 +7331,7 @@ msgid ""
|
|||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:608
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr "Personificar o utilizador conectado"
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:610
|
||||
|
|
|
|||
|
|
@ -1195,7 +1195,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
"Ao permitir a opção CREATE TABLE AS no SQL Lab, esta opção força a tabela a ser criada neste esquema"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Se Presto, todas as consultas no SQL Lab serão executadas como o utilizador atualmente conectado que deve ter permissão para as executar. <br/> Se hive e hive.server2.enable.doAs estiver habilitado, serão executadas as queries como conta de serviço, mas deve personificar o utilizador atualmente conectado recorrendo à propriedade hive.server2.proxy.user."
|
||||
],
|
||||
"Expose in SQL Lab": ["Expor no SQL Lab"],
|
||||
|
|
|
|||
|
|
@ -1215,7 +1215,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
"Ao permitir a opção CREATE TABLE AS no SQL Lab, esta opção força a tabela a ser criada neste esquema"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Se Presto, todas as consultas no SQL Lab serão executadas como o usuário atualmente conectado que deve ter permissão para executá-las. <br/> Se hive e hive.server2.enable.doAs estiver habilitado, será executado as consultas como conta de serviço, mas personifique o usuário atualmente conectado usando a propriedade hive.server2.proxy.user."
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -2641,10 +2641,10 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
"Conteúdo CA_BUNDLE opcional para validar requisições HTTPS. Disponível apenas em certos bancos de dados."
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [
|
||||
"Personificar usuário logado (Presto e Hive)"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Se Presto, todas as consultas no SQL Lab serão executadas utilizando o usuário logado atual que deve ter permissão para executá-las. Se Hive e hive.server2.enable.doAs for habilitado, as consultas serão executadas como conta de serviço, mas personificarão o usuário logado atual via propriedade hive.server2.proxy.user."
|
||||
],
|
||||
"Allow data upload": ["Permitir carga de dados"],
|
||||
|
|
|
|||
|
|
@ -7759,7 +7759,7 @@ msgstr ""
|
|||
"apenas em certos bancos de dados."
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:608
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr "Personificar usuário logado (Presto e Hive)"
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:610
|
||||
|
|
|
|||
|
|
@ -1131,7 +1131,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
"При разрешении опции CREATE TABLE AS в редакторе SQL эта опция создаст таблицу в выбранной схеме"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Если вы используете Presto, все запросы в SQL-Редакторе будут выполняться от авторизованного пользователя, который должен иметь разрешение на их выполнение. <br/> Если включен Hive, то запросы будут выполняться через техническую учетную запись, но ассоциировать зарегистрированного пользователя можно через свойство hive.server2.proxy.user."
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -2517,10 +2517,10 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
""
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [
|
||||
"Ассоциировать пользователя"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"Если вы используете Presto, все запросы в SQL-Редакторе будут выполняться от авторизованного пользователя, который должен иметь разрешение на их выполнение. <br/> Если включен Hive, то запросы будут выполняться через техническую учетную запись, но ассоциировать зарегистрированного пользователя можно через свойство hive.server2.proxy.user."
|
||||
],
|
||||
"Allow data upload": ["Разрешить загрузку данных"],
|
||||
|
|
|
|||
|
|
@ -7600,7 +7600,7 @@ msgid ""
|
|||
msgstr ""
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:608
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr "Ассоциировать пользователя"
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:610
|
||||
|
|
|
|||
|
|
@ -1429,7 +1429,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
"Z dovolitvijo opcije CREATE TABLE AS v SQL laboratoriju se tabele ustvarjajo s to shemo"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"V primeru Presto se vse poizvedbe v SQL laboratoriju zaženejo pod trenutno prijavljenim uporabnikom, ki mora imeti pravice za poganjanje.<br/>Če je omogočen Hive in hive.server2.enable.doAs, poizvedbe tečejo pod servisnim računom, vendar je trenutno prijavljen uporabnik predstavljen z lastnostjo hive.server2.proxy.user."
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -3054,10 +3054,10 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
"Opcijska CA_BUNDLE vsebina, za potrjevanje HTTPS zahtev. Razpoložljivo le na določenih sistemih podatkovnih baz."
|
||||
],
|
||||
"Impersonate Logged In User (Presto, Hive, and GSheets)": [
|
||||
"Impersonate Logged In User (Presto, Trino, Drill, Hive, and GSheets)": [
|
||||
"Predstavljanje kot prijavljeni uporabnik (Presto, Hive in GSheets)"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"V Presto se vse poizvedbe v SQL laboratoriju zaženejo pod trenutno prijavljenim uporabnikom, ki mora imeti pravice za poganjanje. Če je omogočen Hive in hive.server2.enable.doAs, poizvedbe tečejo pod servisnim računom, vendar je trenutno prijavljen uporabnik predstavljen z lastnostjo hive.server2.proxy.user."
|
||||
],
|
||||
"Allow data upload": ["Dovoli nalaganje podatkov"],
|
||||
|
|
|
|||
|
|
@ -9234,7 +9234,7 @@ msgstr ""
|
|||
"določenih sistemih podatkovnih baz."
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal/ExtraOptions.tsx:294
|
||||
msgid "Impersonate Logged In User (Presto, Hive, and GSheets)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill, Hive, and GSheets)"
|
||||
msgstr "Predstavljanje kot prijavljeni uporabnik (Presto, Hive in GSheets)"
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal/ExtraOptions.tsx:299
|
||||
|
|
|
|||
|
|
@ -994,7 +994,7 @@
|
|||
"When allowing CREATE TABLE AS option in SQL Lab, this option forces the table to be created in this schema": [
|
||||
"当在 SQL 编辑器中允许 CREATE TABLE AS 选项时,此选项可以此模式中强制创建表"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them.<br/>If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"如果使用Presto,SQL 工具箱中的所有查询都将被当前登录的用户执行,并且这些用户必须拥有运行它们的权限。<br/>如果启用 Hive 和hive.server2.enable.doAs,将作为服务帐户运行查询,但会根据hive.server2.proxy.user的属性伪装当前登录用户。"
|
||||
],
|
||||
"Allow SQL Lab to fetch a list of all tables and all views across all database schemas. For large data warehouse with thousands of tables, this can be expensive and put strain on the system.": [
|
||||
|
|
@ -2280,10 +2280,10 @@
|
|||
"Optional CA_BUNDLE contents to validate HTTPS requests. Only available on certain database engines.": [
|
||||
"用于验证HTTPS请求的可选 CA_BUNDLE 内容。仅在某些数据库引擎上可用。"
|
||||
],
|
||||
"Impersonate Logged In User (Presto & Hive)": [
|
||||
"模拟登录用户 (Presto & Hive)"
|
||||
"Impersonate Logged In User (Presto, Trino, Drill & Hive)": [
|
||||
"模拟登录用户 (Presto, Trino, Drill & Hive)"
|
||||
],
|
||||
"If Presto, all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"If Presto, Trino or Drill all the queries in SQL Lab are going to be executed as the currently logged on user who must have permission to run them. If Hive and hive.server2.enable.doAs is enabled, will run the queries as service account, but impersonate the currently logged on user via hive.server2.proxy.user property.": [
|
||||
"如果使用Presto,SQL 工具箱中的所有查询都将被当前登录的用户执行,并且这些用户必须拥有运行它们的权限。如果启用 Hive 和 hive.server2.enable.doAs,将作为服务帐户运行查询,但会根据 hive.server2.proxy.user 的属性伪装当前登录用户。"
|
||||
],
|
||||
"Allow data upload": ["允许数据上传"],
|
||||
|
|
|
|||
|
|
@ -7417,8 +7417,8 @@ msgid ""
|
|||
msgstr "用于验证HTTPS请求的可选 CA_BUNDLE 内容。仅在某些数据库引擎上可用。"
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:608
|
||||
msgid "Impersonate Logged In User (Presto & Hive)"
|
||||
msgstr "模拟登录用户 (Presto & Hive)"
|
||||
msgid "Impersonate Logged In User (Presto, Trino, Drill & Hive)"
|
||||
msgstr "模拟登录用户 (Presto, Trino, Drill & Hive)"
|
||||
|
||||
#: superset-frontend/src/views/CRUD/data/database/DatabaseModal.tsx:610
|
||||
msgid ""
|
||||
|
|
|
|||
|
|
@ -0,0 +1,67 @@
|
|||
# Licensed to the Apache Software Foundation (ASF) under one
|
||||
# or more contributor license agreements. See the NOTICE file
|
||||
# distributed with this work for additional information
|
||||
# regarding copyright ownership. The ASF licenses this file
|
||||
# to you under the Apache License, Version 2.0 (the
|
||||
# "License"); you may not use this file except in compliance
|
||||
# with the License. You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing,
|
||||
# software distributed under the License is distributed on an
|
||||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
# pylint: disable=unused-argument, import-outside-toplevel, protected-access
|
||||
|
||||
from flask.ctx import AppContext
|
||||
|
||||
|
||||
def test_odbc_impersonation(app_context: AppContext) -> None:
|
||||
"""
|
||||
Test ``modify_url_for_impersonation`` method when driver == odbc.
|
||||
|
||||
The method adds the parameter ``DelegationUID`` to the query string.
|
||||
"""
|
||||
from sqlalchemy.engine.url import URL
|
||||
|
||||
from superset.db_engine_specs.drill import DrillEngineSpec
|
||||
|
||||
url = URL("drill+odbc")
|
||||
username = "DoAsUser"
|
||||
DrillEngineSpec.modify_url_for_impersonation(url, True, username)
|
||||
assert url.query["DelegationUID"] == username
|
||||
|
||||
|
||||
def test_jdbc_impersonation(app_context: AppContext) -> None:
|
||||
"""
|
||||
Test ``modify_url_for_impersonation`` method when driver == jdbc.
|
||||
|
||||
The method adds the parameter ``impersonation_target`` to the query string.
|
||||
"""
|
||||
from sqlalchemy.engine.url import URL
|
||||
|
||||
from superset.db_engine_specs.drill import DrillEngineSpec
|
||||
|
||||
url = URL("drill+jdbc")
|
||||
username = "DoAsUser"
|
||||
DrillEngineSpec.modify_url_for_impersonation(url, True, username)
|
||||
assert url.query["impersonation_target"] == username
|
||||
|
||||
|
||||
def test_sadrill_impersonation(app_context: AppContext) -> None:
|
||||
"""
|
||||
Test ``modify_url_for_impersonation`` method when driver == sadrill.
|
||||
|
||||
The method changes the username of URL Object.
|
||||
"""
|
||||
from sqlalchemy.engine.url import URL
|
||||
|
||||
from superset.db_engine_specs.drill import DrillEngineSpec
|
||||
|
||||
url = URL("drill+sadrill")
|
||||
username = "DoAsUser"
|
||||
DrillEngineSpec.modify_url_for_impersonation(url, True, username)
|
||||
assert url.username == username
|
||||
Loading…
Reference in New Issue