iop
/
superset
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore(tests): Remove ineffectual login (#27149)

This commit is contained in:
John Bodley 2024-04-09 09:52:02 -07:00 committed by GitHub
parent ae0f2ce3c1
commit 481a63da55
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
47 changed files with 857 additions and 802 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
tests/integration_tests/access_tests.py
View File

@ -43,7 +43,7 @@ from superset.models import core as models
from superset.utils.core import get_user_id, get_username, override_user
from superset.utils.database import get_example_database
from .base_tests import SupersetTestCase
from tests.integration_tests.base_tests import SupersetTestCase
ROLE_TABLES_PERM_DATA = {
"role_name": "override_me",
@ -103,15 +103,12 @@ class TestRequestAccess(SupersetTestCase):
db.session.delete(security_manager.find_role(SCHEMA_ACCESS_ROLE))
db.session.commit()
def setUp(self):
self.login("admin")
def tearDown(self):
self.logout()
override_me = security_manager.find_role("override_me")
override_me.permissions = []
db.session.commit()
db.session.close()
super().tearDown()
@pytest.mark.parametrize(

69
tests/integration_tests/annotation_layers/api_tests.py
View File

@ -36,6 +36,7 @@ from tests.unit_tests.annotation_layers.fixtures import (
START_STR,
END_STR,
)
from tests.integration_tests.constants import ADMIN_USERNAME
ANNOTATION_LAYERS_COUNT = 10
ANNOTATIONS_COUNT = 5
@ -61,7 +62,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
.first()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{annotation_layer.id}"
rv = self.get_assert_metric(uri, "get")
assert rv.status_code == 200
@ -78,7 +79,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
Annotation API: Test info
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/annotation_layer/_info"
rv = self.get_assert_metric(uri, "info")
assert rv.status_code == 200
@ -87,7 +88,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
Annotation API: Test info security
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
params = {"keys": ["permissions"]}
uri = f"api/v1/annotation_layer/_info?q={prison.dumps(params)}"
rv = self.get_assert_metric(uri, "info")
@ -103,7 +104,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
Annotation Api: Test get annotation layer not found
"""
max_id = db.session.query(func.max(AnnotationLayer.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{max_id + 1}"
rv = self.get_assert_metric(uri, "get")
assert rv.status_code == 404
@ -113,7 +114,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
Annotation Api: Test get list annotation layers
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/annotation_layer/"
rv = self.get_assert_metric(uri, "get_list")
@ -137,7 +138,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
Annotation Api: Test sorting on get list annotation layers
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/annotation_layer/"
order_columns = [
@ -161,7 +162,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
Annotation Api: Test filters on get list annotation layers
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"columns": ["name", "descr"],
"filters": [
@ -203,7 +204,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
Annotation Api: Test create annotation layer
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_layer_data = {
"name": "new3",
"descr": "description",
@ -225,7 +226,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
Annotation Api: Test create incorrect annotation layer
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_layer_data = {}
uri = "api/v1/annotation_layer/"
rv = self.client.post(uri, json=annotation_layer_data)
@ -238,7 +239,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
Annotation Api: Test create annotation layer uniqueness
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_layer_data = {"name": "name3", "descr": "description"}
uri = "api/v1/annotation_layer/"
rv = self.client.post(uri, json=annotation_layer_data)
@ -257,7 +258,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_layer_data = {"name": "changed_name"}
uri = f"api/v1/annotation_layer/{annotation_layer.id}"
rv = self.client.put(uri, json=annotation_layer_data)
@ -279,7 +280,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_layer_data = {"name": "name3", "descr": "changed_description"}
uri = f"api/v1/annotation_layer/{annotation_layer.id}"
rv = self.client.put(uri, json=annotation_layer_data)
@ -294,7 +295,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
max_id = db.session.query(func.max(AnnotationLayer.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_layer_data = {"name": "changed_name", "descr": "changed_description"}
uri = f"api/v1/annotation_layer/{max_id + 1}"
rv = self.client.put(uri, json=annotation_layer_data)
@ -310,7 +311,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
.filter(AnnotationLayer.name == "name1")
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{annotation_layer.id}"
rv = self.client.delete(uri)
assert rv.status_code == 200
@ -323,7 +324,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
Annotation Api: Test delete annotation layer not found
"""
max_id = db.session.query(func.max(AnnotationLayer.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{max_id + 1}"
rv = self.client.delete(uri)
assert rv.status_code == 404
@ -337,7 +338,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
AnnotationLayer.name == "layer_with_annotations"
)
child_layer = query_child_layer.one_or_none()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{child_layer.id}"
rv = self.client.delete(uri)
assert rv.status_code == 422
@ -355,7 +356,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
no_child_layers_ids = [
annotation_layer.id for annotation_layer in no_child_layers
]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/?q={prison.dumps(no_child_layers_ids)}"
rv = self.client.delete(uri)
assert rv.status_code == 200
@ -382,7 +383,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
]
max_id = db.session.query(func.max(AnnotationLayer.id)).scalar()
all_annotation_layers_ids.append(max_id + 1)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/?q={prison.dumps(all_annotation_layers_ids)}"
rv = self.client.delete(uri)
assert rv.status_code == 404
@ -399,7 +400,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = (
f"api/v1/annotation_layer/{annotation.layer_id}/annotation/{annotation.id}"
)
@ -426,7 +427,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
layer = self.get_layer_with_annotation()
max_id = db.session.query(func.max(Annotation.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{layer.id}/annotation/{max_id + 1}"
rv = self.get_assert_metric(uri, "get")
assert rv.status_code == 404
@ -437,7 +438,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
Annotation Api: Test get list of annotations
"""
layer = self.get_layer_with_annotation()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{layer.id}/annotation/"
rv = self.get_assert_metric(uri, "get_list")
@ -461,7 +462,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
Annotation Api: Test sorting on get list of annotations
"""
layer = self.get_layer_with_annotation()
self.login(username="admin")
self.login(ADMIN_USERNAME)
order_columns = [
"short_descr",
@ -483,7 +484,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
Annotation Api: Test filters on get list annotation layers
"""
layer = self.get_layer_with_annotation()
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"filters": [
{"col": "short_descr", "opr": "annotation_all_text", "value": "2"}
@ -515,7 +516,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
layer = self.get_layer_with_annotation()
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_data = {
"short_descr": "new",
"long_descr": "description",
@ -542,7 +543,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
layer = self.get_layer_with_annotation()
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_data = {
"long_descr": "description",
}
@ -565,7 +566,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
layer = self.get_layer_with_annotation()
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_data = {
"short_descr": "short_descr2",
"long_descr": "description",
@ -594,7 +595,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_data = {
"short_descr": "changed_name",
}
@ -619,7 +620,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_data = {"start_dttm": None, "end_dttm": None}
uri = f"api/v1/annotation_layer/{layer.id}/annotation/{annotation.id}"
rv = self.client.put(uri, json=annotation_data)
@ -644,7 +645,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_layer_data = {
"short_descr": "short_descr3",
"long_descr": "changed_description",
@ -667,7 +668,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
layer = self.get_layer_with_annotation()
max_id = db.session.query(func.max(Annotation.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
annotation_layer_data = {
"short_descr": "changed_name",
}
@ -686,7 +687,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
.filter(Annotation.short_descr == "short_descr1")
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{layer.id}/annotation/{annotation.id}"
rv = self.client.delete(uri)
assert rv.status_code == 200
@ -700,7 +701,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
"""
layer = self.get_layer_with_annotation()
max_id = db.session.query(func.max(Annotation.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{layer.id}/annotation{max_id + 1}"
rv = self.client.delete(uri)
assert rv.status_code == 404
@ -717,7 +718,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
annotations = query_annotations.all()
annotations_ids = [annotation.id for annotation in annotations]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{layer.id}/annotation/?q={prison.dumps(annotations_ids)}"
rv = self.client.delete(uri)
assert rv.status_code == 200
@ -743,7 +744,7 @@ class TestAnnotationLayerApi(SupersetTestCase):
max_id = db.session.query(func.max(Annotation.id)).scalar()
annotations_ids.append(max_id + 1)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/annotation_layer/{layer.id}/annotation/?q={prison.dumps(annotations_ids)}"
rv = self.client.delete(uri)
assert rv.status_code == 404

9
tests/integration_tests/async_events/api_tests.py
View File

@ -20,6 +20,7 @@ from unittest import mock
from superset.extensions import async_query_manager
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME
from tests.integration_tests.test_app import app
@ -35,7 +36,7 @@ class TestAsyncEventApi(SupersetTestCase):
def test_events(self, mock_uuid4):
app._got_first_request = False
async_query_manager.init_app(app)
self.login(username="admin")
self.login(ADMIN_USERNAME)
with mock.patch.object(async_query_manager._redis, "xrange") as mock_xrange:
rv = self.fetch_events()
response = json.loads(rv.data.decode("utf-8"))
@ -49,7 +50,7 @@ class TestAsyncEventApi(SupersetTestCase):
def test_events_last_id(self, mock_uuid4):
app._got_first_request = False
async_query_manager.init_app(app)
self.login(username="admin")
self.login(ADMIN_USERNAME)
with mock.patch.object(async_query_manager._redis, "xrange") as mock_xrange:
rv = self.fetch_events("1607471525180-0")
response = json.loads(rv.data.decode("utf-8"))
@ -63,7 +64,7 @@ class TestAsyncEventApi(SupersetTestCase):
def test_events_results(self, mock_uuid4):
app._got_first_request = False
async_query_manager.init_app(app)
self.login(username="admin")
self.login(ADMIN_USERNAME)
with mock.patch.object(async_query_manager._redis, "xrange") as mock_xrange:
mock_xrange.return_value = [
(
@ -116,7 +117,7 @@ class TestAsyncEventApi(SupersetTestCase):
assert rv.status_code == 401
def test_events_no_token(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
self.client.set_cookie(app.config["GLOBAL_ASYNC_QUERIES_JWT_COOKIE_NAME"], "")
rv = self.fetch_events()
assert rv.status_code == 401

37
tests/integration_tests/base_api_tests.py
View File

@ -33,8 +33,9 @@ from superset.extensions import appbuilder
from superset.models.dashboard import Dashboard
from superset.views.base_api import BaseSupersetModelRestApi, requires_json
from .base_tests import SupersetTestCase
from .conftest import with_config
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.conftest import with_config
from tests.integration_tests.constants import ADMIN_USERNAME
class Model1Api(BaseSupersetModelRestApi):
@ -65,7 +66,7 @@ class TestOpenApiSpec(SupersetTestCase):
"""
from openapi_spec_validator import validate_spec
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/_openapi"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -83,7 +84,7 @@ class TestBaseModelRestApi(SupersetTestCase):
not render all columns by default but just the model's pk
"""
# Check get list response
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/model1api/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -108,7 +109,7 @@ class TestBaseModelRestApi(SupersetTestCase):
We want to make sure that not declared edit_columns will
not render all columns by default but just the model's pk
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/_openapi"
rv = self.client.get(uri)
# dashboard model accepts all fields are null
@ -140,7 +141,7 @@ class TestBaseModelRestApi(SupersetTestCase):
"json_metadata": '{"b": "B"}',
"published": True,
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/model1api/"
rv = self.client.post(uri, json=dashboard_data)
response = json.loads(rv.data.decode("utf-8"))
@ -163,7 +164,7 @@ class TestBaseModelRestApi(SupersetTestCase):
We want to make sure that non-JSON request are refused
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/report/" # endpoint decorated with @requires_json
rv = self.client.post(
uri, data="a: value\nb: 1\n", content_type="application/yaml"
@ -180,7 +181,7 @@ class TestBaseModelRestApi(SupersetTestCase):
"""
dashboard = db.session.query(Dashboard).first()
dashboard_data = {"dashboard_title": "CHANGED", "slug": "CHANGED"}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/model1api/{dashboard.id}"
rv = self.client.put(uri, json=dashboard_data)
response = json.loads(rv.data.decode("utf-8"))
@ -205,7 +206,7 @@ class ApiOwnersTestCaseMixin:
"""
API: Test get related owners
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/{self.resource_name}/related/owners"
rv = self.client.get(uri)
assert rv.status_code == 200
@ -223,7 +224,7 @@ class ApiOwnersTestCaseMixin:
"""
API: Test get related owners with extra related query filters
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
def _base_filter(query):
return query.filter_by(username="alpha")
@ -243,7 +244,7 @@ class ApiOwnersTestCaseMixin:
"""
API: Test get related owners with pagination
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
page_size = 1
argument = {"page_size": page_size}
uri = f"api/v1/{self.resource_name}/related/owners?q={prison.dumps(argument)}"
@ -267,7 +268,7 @@ class ApiOwnersTestCaseMixin:
"""
API: Test get related owners with pagination returns 422
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = {"page": 1, "page_size": 1, "include_ids": [2]}
uri = f"api/v1/{self.resource_name}/related/owners?q={prison.dumps(argument)}"
rv = self.client.get(uri)
@ -277,7 +278,7 @@ class ApiOwnersTestCaseMixin:
"""
API: Test get filter related owners
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = {"filter": "gamma"}
uri = f"api/v1/{self.resource_name}/related/owners?q={prison.dumps(argument)}"
@ -316,7 +317,7 @@ class ApiOwnersTestCaseMixin:
"""
API: Test get base filter related owners
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/{self.resource_name}/related/owners"
gamma_user = (
db.session.query(security_manager.user_model)
@ -343,7 +344,7 @@ class ApiOwnersTestCaseMixin:
"""
API: Test get base filter related owners using security manager
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/{self.resource_name}/related/owners"
gamma_user = (
db.session.query(security_manager.user_model)
@ -364,7 +365,7 @@ class ApiOwnersTestCaseMixin:
"""
API: Test get filter related owners
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = {"filter": "gamma_sqllab", "include_ids": [2]}
uri = f"api/v1/{self.resource_name}/related/owners?q={prison.dumps(argument)}"
@ -391,7 +392,7 @@ class ApiOwnersTestCaseMixin:
"""
API: Test get filter related owners
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = {"filter": "gamma_sqllab", "include_ids": [2, 4]}
uri = f"api/v1/{self.resource_name}/related/owners?q={prison.dumps(argument)}"
@ -418,7 +419,7 @@ class ApiOwnersTestCaseMixin:
"""
API: Test get related fail
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/{self.resource_name}/related/owner"
rv = self.client.get(uri)

11
tests/integration_tests/base_tests.py
View File

@ -106,6 +106,9 @@ class SupersetTestCase(TestCase):
maxDiff = -1
def tearDown(self):
self.logout()
def create_app(self):
return app
@ -196,7 +199,7 @@ class SupersetTestCase(TestCase):
db.session.commit()
return obj
def login(self, username="admin", password="general"):
def login(self, username, password="general"):
return login(self.client, username, password)
def get_slice(self, slice_name: str) -> Slice:
@ -311,7 +314,7 @@ class SupersetTestCase(TestCase):
):
if username:
self.logout()
self.login(username=username)
self.login(username)
dbid = SupersetTestCase.get_database_by_name(database_name).id
json_payload = {
"database_id": dbid,
@ -332,12 +335,13 @@ class SupersetTestCase(TestCase):
resp = self.get_json_resp(
"/api/v1/sqllab/execute/", raise_on_error=False, json_=json_payload
)
if username:
self.logout()
if raise_on_error and "error" in resp:
raise Exception("run_sql failed")
return resp
def create_fake_db(self):
self.login(username="admin")
database_name = FAKE_DB_NAME
db_id = 100
extra = """{
@ -363,7 +367,6 @@ class SupersetTestCase(TestCase):
db.session.delete(database)
def create_fake_db_for_macros(self):
self.login(username="admin")
database_name = "db_for_macros_testing"
db_id = 200
database = self.get_or_create(

7
tests/integration_tests/cache_tests.py
View File

@ -22,23 +22,24 @@ import pytest
from superset import app, db
from superset.common.db_query_status import QueryStatus
from superset.extensions import cache_manager
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
)
from .base_tests import SupersetTestCase
class TestCache(SupersetTestCase):
def setUp(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
cache_manager.cache.clear()
cache_manager.data_cache.clear()
def tearDown(self):
cache_manager.cache.clear()
cache_manager.data_cache.clear()
super().tearDown()
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_no_data_cache(self):

131
tests/integration_tests/charts/api_tests.py
View File

@ -42,6 +42,11 @@ from superset.viz import viz_types
from tests.integration_tests.base_api_tests import ApiOwnersTestCaseMixin
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.conftest import with_feature_flags
from tests.integration_tests.constants import (
ADMIN_USERNAME,
ALPHA_USERNAME,
GAMMA_USERNAME,
)
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -197,7 +202,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test info security
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
params = {"keys": ["permissions"]}
uri = f"api/v1/chart/_info?q={prison.dumps(params)}"
rv = self.get_assert_metric(uri, "info")
@ -232,7 +237,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
admin_id = self.get_user("admin").id
chart_id = self.insert_chart("name", [admin_id], 1).id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{chart_id}"
rv = self.delete_assert_metric(uri, "delete")
self.assertEqual(rv.status_code, 200)
@ -250,7 +255,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
chart_ids.append(
self.insert_chart(f"title{chart_name_index}", [admin.id], 1, admin).id
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = chart_ids
uri = f"api/v1/chart/?q={prison.dumps(argument)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
@ -267,7 +272,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
Chart API: Test delete bulk bad request
"""
chart_ids = [1, "a"]
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = chart_ids
uri = f"api/v1/chart/?q={prison.dumps(argument)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
@ -277,7 +282,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test not found delete
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart_id = 1000
uri = f"api/v1/chart/{chart_id}"
rv = self.delete_assert_metric(uri, "delete")
@ -288,7 +293,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test delete with associated report
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart = (
db.session.query(Slice)
.filter(Slice.slice_name == "chart_report")
@ -309,7 +314,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
max_id = db.session.query(func.max(Slice.id)).scalar()
chart_ids = [max_id + 1, max_id + 2]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/?q={prison.dumps(chart_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
self.assertEqual(rv.status_code, 404)
@ -319,7 +324,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test bulk delete with associated report
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart_with_report = (
db.session.query(Slice.id)
.filter(Slice.slice_name == "chart_report")
@ -346,7 +351,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
gamma_id = self.get_user("gamma").id
chart_id = self.insert_chart("title", [gamma_id], 1).id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{chart_id}"
rv = self.delete_assert_metric(uri, "delete")
self.assertEqual(rv.status_code, 200)
@ -365,7 +370,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
self.insert_chart(f"title{chart_name_index}", [gamma_id], 1).id
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = chart_ids
uri = f"api/v1/chart/?q={prison.dumps(argument)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
@ -468,7 +473,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"certified_by": "John Doe",
"certification_details": "Sample certification",
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/chart/"
rv = self.post_assert_metric(uri, chart_data, "post")
self.assertEqual(rv.status_code, 201)
@ -486,7 +491,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"datasource_id": 1,
"datasource_type": "table",
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/chart/"
rv = self.post_assert_metric(uri, chart_data, "post")
self.assertEqual(rv.status_code, 201)
@ -505,7 +510,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"datasource_type": "table",
"owners": [1000],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/chart/"
rv = self.post_assert_metric(uri, chart_data, "post")
self.assertEqual(rv.status_code, 422)
@ -523,7 +528,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"datasource_type": "table",
"params": '{"A:"a"}',
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/chart/"
rv = self.post_assert_metric(uri, chart_data, "post")
self.assertEqual(rv.status_code, 400)
@ -532,7 +537,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test create validate datasource
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart_data = {
"slice_name": "title1",
"datasource_id": 1,
@ -578,7 +583,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"datasource_type": "table",
"dashboards": [dash.id],
}
self.login(username="alpha")
self.login(ALPHA_USERNAME)
uri = "api/v1/chart/"
rv = self.post_assert_metric(uri, chart_data, "post")
self.assertEqual(rv.status_code, 403)
@ -616,7 +621,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"certified_by": "Mario Rossi",
"certification_details": "Edited certification",
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{chart_id}"
rv = self.put_assert_metric(uri, chart_data, "put")
self.assertEqual(rv.status_code, 200)
@ -651,7 +656,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"slice_name": (new_name := "title1_changed"),
"owners": [admin.id],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{chart_id}"
rv = self.put_assert_metric(uri, chart_data, "put")
self.assertEqual(rv.status_code, 200)
@ -680,7 +685,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"slice_name": (new_name := "title1_changed"),
"owners": [admin.id],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{chart_id}"
rv = self.put_assert_metric(uri, chart_data, "put")
self.assertEqual(rv.status_code, 200)
@ -706,7 +711,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"slice_name": (new_name := "title1_changed"),
"owners": [alpha.id],
}
self.login(username=gamma.username)
self.login(gamma.username)
uri = f"api/v1/chart/{chart_id}"
rv = self.put_assert_metric(uri, chart_data, "put")
assert rv.status_code == 200
@ -725,7 +730,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
admin = self.get_user("admin")
chart_id = self.insert_chart("title", [admin.id], 1).id
chart_data = {"slice_name": "title1_changed", "owners": [gamma.id]}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{chart_id}"
rv = self.put_assert_metric(uri, chart_data, "put")
self.assertEqual(rv.status_code, 200)
@ -793,7 +798,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"slice_name": "title1_changed",
"dashboards": [self.new_dashboard.id],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{self.chart.id}"
rv = self.put_assert_metric(uri, chart_data, "put")
self.assertEqual(rv.status_code, 200)
@ -806,7 +811,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
Chart API: Test update chart without changing dashboards configuration
"""
chart_data = {"slice_name": "title1_changed_again"}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{self.chart.id}"
rv = self.put_assert_metric(uri, chart_data, "put")
self.assertEqual(rv.status_code, 200)
@ -896,7 +901,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
admin = self.get_user("admin")
chart = self.insert_chart("title", owners=[admin.id], datasource_id=1)
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart_data = {"datasource_id": 1, "datasource_type": "unknown"}
rv = self.put_assert_metric(f"/api/v1/chart/{chart.id}", chart_data, "put")
@ -934,7 +939,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"datasource_type": "table",
"owners": [1000],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/"
rv = self.client.post(uri, json=chart_data)
self.assertEqual(rv.status_code, 422)
@ -949,7 +954,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
admin = self.get_user("admin")
chart = self.insert_chart("title", [admin.id], 1)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{chart.id}"
rv = self.get_assert_metric(uri, "get")
self.assertEqual(rv.status_code, 200)
@ -995,7 +1000,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
Chart API: Test get chart not found
"""
chart_id = 1000
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{chart_id}"
rv = self.get_assert_metric(uri, "get")
self.assertEqual(rv.status_code, 404)
@ -1005,7 +1010,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test get chart without data access
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
chart_no_access = (
db.session.query(Slice)
.filter_by(slice_name="Girl Name Cloud")
@ -1025,7 +1030,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test get charts
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/"
rv = self.get_assert_metric(uri, "get_list")
self.assertEqual(rv.status_code, 200)
@ -1037,7 +1042,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test get charts with related dashboards
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"filters": [
{"col": "slice_name", "opr": "eq", "value": self.chart.slice_name}
@ -1059,7 +1064,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test get charts with dashboard filter
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"filters": [
{
@ -1084,7 +1089,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
admin = self.get_user("admin")
chart = self.insert_chart("foo_a", [admin.id], 1, description="ZY_bar")
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"order_column": "changed_on_delta_humanized",
@ -1112,7 +1117,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test get charts filter
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {"filters": [{"col": "slice_name", "opr": "sw", "value": "G"}]}
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
@ -1170,7 +1175,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"keys": ["none"],
"columns": ["slice_name", "description", "viz_type"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
self.assertEqual(rv.status_code, 200)
@ -1204,7 +1209,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"keys": ["none"],
"columns": ["slice_name", "description", "table.table_name"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
@ -1237,7 +1242,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"keys": ["none"],
"columns": ["slice_name"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
@ -1258,7 +1263,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"keys": ["none"],
"columns": ["slice_name"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
@ -1281,7 +1286,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"columns": ["slice_name"],
}
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
self.assertEqual(rv.status_code, 200)
@ -1311,7 +1316,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"keys": ["none"],
"columns": ["slice_name"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
@ -1353,7 +1358,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"keys": ["none"],
"columns": ["slice_name"],
}
self.login(username="gamma")
self.login(gamma_user.username)
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
@ -1382,7 +1387,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
assert users_favorite_ids
arguments = [s.id for s in db.session.query(Slice.id).all()]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/favorite_status/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
@ -1405,7 +1410,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
db.session.add(chart)
db.session.commit()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/favorite_status/?q={prison.dumps([chart.id])}"
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
@ -1438,7 +1443,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
db.session.add(chart)
db.session.commit()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{chart.id}/favorites/"
self.client.post(uri)
@ -1464,7 +1469,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test get actually time range from human readable string
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
humanize_time_range = "100 years ago : now"
uri = f"api/v1/time_range/?q={prison.dumps(humanize_time_range)}"
rv = self.client.get(uri)
@ -1491,7 +1496,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test query form data
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
slice = db.session.query(Slice).first()
uri = f"api/v1/form_data/?slice_id={slice.id if slice else None}"
rv = self.client.get(uri)
@ -1512,7 +1517,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
Chart API: Test get charts filter
"""
# Assuming we have 33 sample charts
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {"page_size": 10, "page": 0}
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
@ -1531,7 +1536,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test get charts no data access
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = "api/v1/chart/"
rv = self.get_assert_metric(uri, "get_list")
self.assertEqual(rv.status_code, 200)
@ -1546,7 +1551,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
argument = [example_chart.id]
uri = f"api/v1/chart/export/?q={prison.dumps(argument)}"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.get_assert_metric(uri, "export")
assert rv.status_code == 200
@ -1561,7 +1566,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
# Just one does not exist and we get 404
argument = [-1, 1]
uri = f"api/v1/chart/export/?q={prison.dumps(argument)}"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.get_assert_metric(uri, "export")
assert rv.status_code == 404
@ -1574,7 +1579,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
argument = [example_chart.id]
uri = f"api/v1/chart/export/?q={prison.dumps(argument)}"
self.login(username="gamma")
self.login(GAMMA_USERNAME)
rv = self.client.get(uri)
assert rv.status_code == 404
@ -1583,7 +1588,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test import chart
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/chart/import/"
buf = self.create_chart_import()
@ -1620,7 +1625,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test import existing chart
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/chart/import/"
buf = self.create_chart_import()
@ -1691,7 +1696,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test import invalid chart
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/chart/import/"
buf = BytesIO()
@ -1743,7 +1748,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"keys": ["none"],
"columns": ["slice_name"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
@ -1757,7 +1762,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"keys": ["none"],
"columns": ["slice_name"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
@ -1770,7 +1775,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
"""
Chart API: Test ChartOwnedCreatedFavoredByMeFilter
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"filters": [
{
@ -1799,7 +1804,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
)
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_warm_up_cache(self, slice_name):
self.login()
self.login(ADMIN_USERNAME)
slc = self.get_slice(slice_name)
rv = self.client.put("/api/v1/chart/warm_up_cache", json={"chart_id": slc.id})
self.assertEqual(rv.status_code, 200)
@ -1841,7 +1846,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
)
def test_warm_up_cache_chart_id_required(self):
self.login()
self.login(ADMIN_USERNAME)
rv = self.client.put("/api/v1/chart/warm_up_cache", json={"dashboard_id": 1})
self.assertEqual(rv.status_code, 400)
data = json.loads(rv.data.decode("utf-8"))
@ -1851,14 +1856,14 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
)
def test_warm_up_cache_chart_not_found(self):
self.login()
self.login(ADMIN_USERNAME)
rv = self.client.put("/api/v1/chart/warm_up_cache", json={"chart_id": 99999})
self.assertEqual(rv.status_code, 404)
data = json.loads(rv.data.decode("utf-8"))
self.assertEqual(data, {"message": "Chart not found"})
def test_warm_up_cache_payload_validation(self):
self.login()
self.login(ADMIN_USERNAME)
rv = self.client.put(
"/api/v1/chart/warm_up_cache",
json={"chart_id": "id", "dashboard_id": "id", "extra_filters": 4},
@ -1878,7 +1883,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_warm_up_cache_error(self) -> None:
self.login()
self.login(ADMIN_USERNAME)
slc = self.get_slice("Pivot Table v2")
with mock.patch.object(ChartDataCommand, "run") as mock_run:
@ -1906,7 +1911,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_warm_up_cache_no_query_context(self) -> None:
self.login()
self.login(ADMIN_USERNAME)
slc = self.get_slice("Pivot Table v2")
with mock.patch.object(Slice, "get_query_context") as mock_get_query_context:
@ -1929,7 +1934,7 @@ class TestChartApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_warm_up_cache_no_datasource(self) -> None:
self.login()
self.login(ADMIN_USERNAME)
slc = self.get_slice("Top 10 Girl Name Share")
with mock.patch.object(

17
tests/integration_tests/charts/data/api_tests.py
View File

@ -31,6 +31,11 @@ from superset.charts.data.api import ChartDataRestApi
from superset.models.sql_lab import Query
from tests.integration_tests.base_tests import SupersetTestCase, test_client
from tests.integration_tests.annotation_layers.fixtures import create_annotation_layers
from tests.integration_tests.constants import (
ADMIN_USERNAME,
GAMMA_NO_CSV_USERNAME,
GAMMA_USERNAME,
)
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -92,7 +97,7 @@ class BaseTestChartDataApi(SupersetTestCase):
query_context_payload_template = None
def setUp(self) -> None:
self.login("admin")
self.login(ADMIN_USERNAME)
if self.query_context_payload_template is None:
BaseTestChartDataApi.query_context_payload_template = get_query_context(
"birth_names"
@ -410,7 +415,7 @@ class TestPostChartDataApi(BaseTestChartDataApi):
Chart data API: Test chart data with CSV result format
"""
self.logout()
self.login(username="gamma_no_csv")
self.login(GAMMA_NO_CSV_USERNAME)
self.query_context_payload["result_format"] = "csv"
rv = self.post_assert_metric(CHART_DATA_URI, self.query_context_payload, "data")
@ -422,7 +427,7 @@ class TestPostChartDataApi(BaseTestChartDataApi):
Chart data API: Test chart data with Excel result format
"""
self.logout()
self.login(username="gamma_no_csv")
self.login(GAMMA_NO_CSV_USERNAME)
self.query_context_payload["result_format"] = "xlsx"
rv = self.post_assert_metric(CHART_DATA_URI, self.query_context_payload, "data")
@ -686,7 +691,7 @@ class TestPostChartDataApi(BaseTestChartDataApi):
Chart data API: Test chart data query not allowed
"""
self.logout()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
rv = self.post_assert_metric(CHART_DATA_URI, self.query_context_payload, "data")
assert rv.status_code == 403
@ -717,7 +722,7 @@ class TestPostChartDataApi(BaseTestChartDataApi):
self.logout()
app._got_first_request = False
async_query_manager_factory.init_app(app)
self.login("admin")
self.login(ADMIN_USERNAME)
rv = self.post_assert_metric(CHART_DATA_URI, self.query_context_payload, "data")
self.assertEqual(rv.status_code, 202)
data = json.loads(rv.data.decode("utf-8"))
@ -1236,7 +1241,6 @@ class TestGetChartDataApi(BaseTestChartDataApi):
"""
Chart data API: Test query with adhoc column in both select and where clause
"""
self.login(username="admin")
request_payload = get_query_context("birth_names")
request_payload["queries"][0]["columns"] = [ADHOC_COLUMN_FIXTURE]
request_payload["queries"][0]["filters"] = [
@ -1256,7 +1260,6 @@ class TestGetChartDataApi(BaseTestChartDataApi):
"""
Chart data API: Test query with adhoc column that fails to run on this dataset
"""
self.login(username="admin")
request_payload = get_query_context("birth_names")
request_payload["queries"][0]["columns"] = [ADHOC_COLUMN_FIXTURE]
request_payload["queries"][0]["filters"] = [

3
tests/integration_tests/charts/schema_tests.py
View File

@ -38,7 +38,6 @@ class TestSchema(SupersetTestCase):
)
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_query_context_limit_and_offset(self):
self.login(username="admin")
payload = get_query_context("birth_names")
# too low limit and offset
@ -51,14 +50,12 @@ class TestSchema(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_query_context_null_timegrain(self):
self.login(username="admin")
payload = get_query_context("birth_names")
payload["queries"][0]["extras"]["time_grain_sqla"] = None
_ = ChartDataQueryContextSchema().load(payload)
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_query_context_series_limit(self):
self.login(username="admin")
payload = get_query_context("birth_names")
payload["queries"][0]["timeseries_limit"] = 2

22
tests/integration_tests/constants.py Normal file
View File

@ -0,0 +1,22 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
ADMIN_USERNAME = "admin"
ALPHA_USERNAME = "alpha"
GAMMA_NO_CSV_USERNAME = "gamma_no_csv"
GAMMA_SQLLAB_NO_DATA_USERNAME = "gamma_sqllab_no_data"
GAMMA_SQLLAB_USERNAME = "gamma_sqllab"
GAMMA_USERNAME = "gamma"

74
tests/integration_tests/core_tests.py
View File

@ -54,6 +54,7 @@ from superset.utils.core import backend
from superset.utils.database import get_example_database
from superset.views.database.views import DatabaseView
from tests.integration_tests.conftest import with_feature_flags
from tests.integration_tests.constants import ADMIN_USERNAME, GAMMA_USERNAME
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -91,6 +92,7 @@ class TestCore(SupersetTestCase):
def tearDown(self):
db.session.query(Query).delete()
app.config["PREVENT_UNSAFE_DB_CONNECTIONS"] = self.original_unsafe_db_setting
super().tearDown()
def insert_dashboard_created_by(self, username: str) -> Dashboard:
user = self.get_user(username)
@ -122,19 +124,19 @@ class TestCore(SupersetTestCase):
self.assertIn("User confirmation needed", resp)
def test_dashboard_endpoint(self):
self.login()
self.login(ADMIN_USERNAME)
resp = self.client.get("/superset/dashboard/-1/")
assert resp.status_code == 404
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_slice_endpoint(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
resp = self.client.get("/superset/slice/-1/")
assert resp.status_code == 404
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_viz_cache_key(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
slc = self.get_slice("Top 10 Girl Name Share")
viz = slc.viz
@ -173,7 +175,7 @@ class TestCore(SupersetTestCase):
@pytest.mark.usefixtures("load_energy_table_with_slice")
def test_save_slice(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
slice_name = f"Energy Sankey"
slice_id = self.get_slice(slice_name).id
copy_name_prefix = "Test Sankey"
@ -237,7 +239,7 @@ class TestCore(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_slice_data(self):
# slice data should have some required attributes
self.login(username="admin")
self.login(ADMIN_USERNAME)
slc = self.get_slice(slice_name="Top 10 Girl Name Share")
slc_data_attributes = slc.data.keys()
assert "changed_on" in slc_data_attributes
@ -247,7 +249,7 @@ class TestCore(SupersetTestCase):
@pytest.mark.usefixtures("load_energy_table_with_slice")
def test_slices(self):
# Testing by hitting the two supported end points for all slices
self.login(username="admin")
self.login(ADMIN_USERNAME)
Slc = Slice
urls = []
for slc in db.session.query(Slc).all():
@ -261,14 +263,14 @@ class TestCore(SupersetTestCase):
self.assertEqual(resp.status_code, 200)
def test_add_slice(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
# assert that /chart/add responds with 200
url = "/chart/add"
resp = self.client.get(url)
self.assertEqual(resp.status_code, 200)
def test_get_user_slices(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
userid = security_manager.find_user("admin").id
url = f"/sliceasync/api/read?_flt_0_created_by={userid}"
resp = self.client.get(url)
@ -325,10 +327,10 @@ class TestCore(SupersetTestCase):
# Disable for password store for later tests
models.custom_password_store = None
def test_databaseview_edit(self, username="admin"):
def test_databaseview_edit(self):
# validate that sending a password-masked uri does not over-write the decrypted
# uri
self.login(username=username)
self.login(ADMIN_USERNAME)
database = superset.utils.database.get_example_database()
sqlalchemy_uri_decrypted = database.sqlalchemy_uri_decrypted
url = f"databaseview/edit/{database.id}"
@ -349,7 +351,7 @@ class TestCore(SupersetTestCase):
"load_energy_table_with_slice",
)
def test_warm_up_cache(self):
self.login()
self.login(ADMIN_USERNAME)
slc = self.get_slice("Top 10 Girl Name Share")
data = self.get_json_resp(f"/superset/warm_up_cache?slice_id={slc.id}")
self.assertEqual(
@ -374,7 +376,7 @@ class TestCore(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_warm_up_cache_error(self) -> None:
self.login()
self.login(ADMIN_USERNAME)
slc = self.get_slice("Pivot Table v2")
with mock.patch.object(
@ -397,7 +399,7 @@ class TestCore(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_cache_logging(self):
self.login("admin")
self.login(ADMIN_USERNAME)
store_cache_keys = app.config["STORE_CACHE_KEYS_IN_METADATA_DB"]
app.config["STORE_CACHE_KEYS_IN_METADATA_DB"] = True
slc = self.get_slice("Top 10 Girl Name Share")
@ -409,7 +411,7 @@ class TestCore(SupersetTestCase):
@with_feature_flags(KV_STORE=False)
def test_kv_disabled(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
resp = self.client.get("/kv/10001/")
self.assertEqual(404, resp.status_code)
@ -420,7 +422,7 @@ class TestCore(SupersetTestCase):
@with_feature_flags(KV_STORE=True)
def test_kv_enabled(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
resp = self.client.get("/kv/10001/")
self.assertEqual(404, resp.status_code)
@ -437,7 +439,7 @@ class TestCore(SupersetTestCase):
self.assertEqual(json.loads(value), json.loads(resp.data.decode("utf-8")))
def test_gamma(self):
self.login(username="gamma")
self.login(GAMMA_USERNAME)
assert "Charts" in self.get_resp("/chart/list/")
assert "Dashboards" in self.get_resp("/dashboard/list/")
@ -445,13 +447,13 @@ class TestCore(SupersetTestCase):
if superset.utils.database.get_example_database().backend == "presto":
# TODO: make it work for presto
return
self.login()
self.login(ADMIN_USERNAME)
sql = "SELECT '{{ 1+1 }}' as test"
data = self.run_sql(sql, "fdaklj3ws")
self.assertEqual(data["data"][0]["test"], "2")
def test_fetch_datasource_metadata(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
url = "/superset/fetch_datasource_metadata?" "datasourceKey=1__table"
resp = self.get_json_resp(url)
keys = [
@ -468,7 +470,7 @@ class TestCore(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_slice_id_is_always_logged_correctly_on_web_request(self):
# explore case
self.login("admin")
self.login(ADMIN_USERNAME)
slc = db.session.query(Slice).filter_by(slice_name="Girls").one()
qry = db.session.query(models.Log).filter_by(slice_id=slc.id)
self.get_resp(slc.slice_url)
@ -545,7 +547,7 @@ class TestCore(SupersetTestCase):
form_data = {
"viz_type": "dist_bar",
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.post(
"/superset/explore_json/",
data={"form_data": json.dumps(form_data)},
@ -570,7 +572,7 @@ class TestCore(SupersetTestCase):
"groupby": ["gender"],
"row_limit": 100,
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.post(
"/superset/explore_json/",
data={"form_data": json.dumps(form_data)},
@ -646,7 +648,7 @@ class TestCore(SupersetTestCase):
"x_ticks_layout": "auto",
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.post(
"/superset/explore_json/",
data={"form_data": json.dumps(form_data)},
@ -695,7 +697,7 @@ class TestCore(SupersetTestCase):
}
app._got_first_request = False
async_query_manager_factory.init_app(app)
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.post(
"/superset/explore_json/",
data={"form_data": json.dumps(form_data)},
@ -734,7 +736,7 @@ class TestCore(SupersetTestCase):
}
app._got_first_request = False
async_query_manager_factory.init_app(app)
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.post(
"/superset/explore_json/?results=true",
data={"form_data": json.dumps(form_data)},
@ -774,7 +776,7 @@ class TestCore(SupersetTestCase):
mock_cache.return_value = MockCache()
mock_force_cached.return_value = False
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get("/superset/explore_json/data/valid-cache-key")
data = json.loads(rv.data.decode("utf-8"))
@ -815,7 +817,7 @@ class TestCore(SupersetTestCase):
self.assertEqual(rv.status_code, 401)
def test_explore_json_data_invalid_cache_key(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
cache_key = "invalid-cache-key"
rv = self.client.get(f"/superset/explore_json/data/{cache_key}")
data = json.loads(rv.data.decode("utf-8"))
@ -938,7 +940,7 @@ class TestCore(SupersetTestCase):
"""
# feature flags are cached
cache_manager.cache.clear()
self.login()
self.login(ADMIN_USERNAME)
encoded = json.dumps(
{"FOO": lambda x: 1, "super": "set"},
@ -970,8 +972,7 @@ class TestCore(SupersetTestCase):
The tabstateview endpoint GET should be able to take name or title
for backward compatibility
"""
username = "admin"
self.login(username)
self.login(ADMIN_USERNAME)
# create a tab
data = {
@ -993,8 +994,7 @@ class TestCore(SupersetTestCase):
self.assertEqual(payload["label"], "Untitled Query foo")
def test_tabstate_update(self):
username = "admin"
self.login(username)
self.login(ADMIN_USERNAME)
# create a tab
data = {
"queryEditor": json.dumps(
@ -1141,7 +1141,7 @@ class TestCore(SupersetTestCase):
slice = db.session.query(Slice).first()
url = f"/explore/?form_data=%7B%22slice_id%22%3A%20{slice.id}%7D"
self.login()
self.login(ADMIN_USERNAME)
data = self.get_resp(url)
self.assertIn("Error message", data)
@ -1151,7 +1151,7 @@ class TestCore(SupersetTestCase):
slice = db.session.query(Slice).first()
url = f"/explore/?form_data=%7B%22slice_id%22%3A%20{slice.id}%7D"
self.login()
self.login(ADMIN_USERNAME)
data = self.get_resp(url)
self.assertIn("Error message", data)
@ -1168,7 +1168,7 @@ class TestCore(SupersetTestCase):
dash = db.session.query(Dashboard).first()
url = f"/superset/dashboard/{dash.id}/"
self.login()
self.login(ADMIN_USERNAME)
data = self.get_resp(url)
self.assertIn("Error message", data)
@ -1178,14 +1178,14 @@ class TestCore(SupersetTestCase):
dash = db.session.query(Dashboard).first()
url = f"/superset/dashboard/{dash.id}/"
self.login()
self.login(ADMIN_USERNAME)
data = self.get_resp(url)
self.assertIn("Error message", data)
@pytest.mark.usefixtures("load_energy_table_with_slice")
@mock.patch("superset.commands.explore.form_data.create.CreateFormDataCommand.run")
def test_explore_redirect(self, mock_command: mock.Mock):
self.login(username="admin")
self.login(ADMIN_USERNAME)
random_key = "random_key"
mock_command.return_value = random_key
slice_name = f"Energy Sankey"
@ -1215,7 +1215,7 @@ class TestCore(SupersetTestCase):
def test_dashboard_permalink(self, get_dashboard_permalink_mock, request_mock):
request_mock.query_string = b"standalone=3"
get_dashboard_permalink_mock.return_value = {"dashboardId": 1}
self.login()
self.login(ADMIN_USERNAME)
resp = self.client.get("superset/dashboard/p/123/")
expected_url = "/superset/dashboard/1?permalink_key=123&standalone=3"

34
tests/integration_tests/css_templates/api_tests.py
View File

@ -29,7 +29,7 @@ from superset.models.core import CssTemplate
from superset.utils.database import get_example_database
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME
CSS_TEMPLATES_FIXTURE_COUNT = 5
@ -73,7 +73,7 @@ class TestCssTemplateApi(SupersetTestCase):
"""
css_templates = db.session.query(CssTemplate).all()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/"
rv = self.get_assert_metric(uri, "get_list")
assert rv.status_code == 200
@ -108,7 +108,7 @@ class TestCssTemplateApi(SupersetTestCase):
.order_by(CssTemplate.template_name.asc())
.all()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
query_string = {"order_column": "template_name", "order_direction": "asc"}
uri = f"api/v1/css_template/?q={prison.dumps(query_string)}"
rv = self.get_assert_metric(uri, "get_list")
@ -123,7 +123,7 @@ class TestCssTemplateApi(SupersetTestCase):
"""
CSS Template API: Test get list and custom filter
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
all_css_templates = (
db.session.query(CssTemplate).filter(CssTemplate.css.ilike("%css2%")).all()
@ -167,7 +167,7 @@ class TestCssTemplateApi(SupersetTestCase):
"""
CssTemplate API: Test info
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/_info"
rv = self.get_assert_metric(uri, "info")
assert rv.status_code == 200
@ -176,7 +176,7 @@ class TestCssTemplateApi(SupersetTestCase):
"""
CssTemplate API: Test info security
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
params = {"keys": ["permissions"]}
uri = f"api/v1/css_template/_info?q={prison.dumps(params)}"
rv = self.get_assert_metric(uri, "info")
@ -197,7 +197,7 @@ class TestCssTemplateApi(SupersetTestCase):
.filter(CssTemplate.template_name == "template_name1")
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/{css_template.id}"
rv = self.get_assert_metric(uri, "get")
assert rv.status_code == 200
@ -228,7 +228,7 @@ class TestCssTemplateApi(SupersetTestCase):
CSS Template API: Test get CSS Template not found
"""
max_id = db.session.query(func.max(CssTemplate.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/{max_id + 1}"
rv = self.get_assert_metric(uri, "get")
assert rv.status_code == 404
@ -242,7 +242,7 @@ class TestCssTemplateApi(SupersetTestCase):
"css": "css_create",
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/"
rv = self.post_assert_metric(uri, post_data, "post")
data = json.loads(rv.data.decode("utf-8"))
@ -273,7 +273,7 @@ class TestCssTemplateApi(SupersetTestCase):
"css": "css_changed",
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/{css_template.id}"
rv = self.put_assert_metric(uri, put_data, "put")
assert rv.status_code == 200
@ -288,7 +288,7 @@ class TestCssTemplateApi(SupersetTestCase):
CSS Template API: Test update not found
"""
max_id = db.session.query(func.max(CssTemplate.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
put_data = {
"template_name": "template_name_changed",
@ -310,7 +310,7 @@ class TestCssTemplateApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/{css_template.id}"
rv = self.delete_assert_metric(uri, "delete")
assert rv.status_code == 200
@ -324,7 +324,7 @@ class TestCssTemplateApi(SupersetTestCase):
CSS Template API: Test delete not found
"""
max_id = db.session.query(func.max(CssTemplate.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/{max_id + 1}"
rv = self.delete_assert_metric(uri, "delete")
assert rv.status_code == 404
@ -337,7 +337,7 @@ class TestCssTemplateApi(SupersetTestCase):
css_templates = db.session.query(CssTemplate).all()
css_template_ids = [css_template.id for css_template in css_templates]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/?q={prison.dumps(css_template_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 200
@ -357,7 +357,7 @@ class TestCssTemplateApi(SupersetTestCase):
css_template = db.session.query(CssTemplate).first()
css_template_ids = [css_template.id]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/?q={prison.dumps(css_template_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 200
@ -372,7 +372,7 @@ class TestCssTemplateApi(SupersetTestCase):
CSS Template API: Test delete bulk bad request
"""
css_template_ids = [1, "a"]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/?q={prison.dumps(css_template_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 400
@ -385,7 +385,7 @@ class TestCssTemplateApi(SupersetTestCase):
max_id = db.session.query(func.max(CssTemplate.id)).scalar()
css_template_ids = [max_id + 1, max_id + 2]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/css_template/?q={prison.dumps(css_template_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 404

14
tests/integration_tests/dashboard_tests.py
View File

@ -29,6 +29,11 @@ from superset import db, security_manager
from superset.connectors.sqla.models import SqlaTable
from superset.models.dashboard import Dashboard
from superset.models.slice import Slice
from tests.integration_tests.constants import (
ADMIN_USERNAME,
ALPHA_USERNAME,
GAMMA_USERNAME,
)
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -101,7 +106,6 @@ class TestDashboard(SupersetTestCase):
return positions
def test_get_dashboard(self):
self.login(username="admin")
for dash in db.session.query(Dashboard):
assert escape(dash.dashboard_title) in self.client.get(dash.url).get_data(
as_text=True
@ -111,7 +115,7 @@ class TestDashboard(SupersetTestCase):
url_for("Superset.dashboard", dashboard_id_or_slug=1)
def test_new_dashboard(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
dash_count_before = db.session.query(func.count(Dashboard.id)).first()[0]
url = "/dashboard/new/"
response = self.client.get(url, follow_redirects=False)
@ -171,7 +175,6 @@ class TestDashboard(SupersetTestCase):
"load_birth_names_dashboard_with_slices", "public_role_like_gamma"
)
def test_dashboard_with_created_by_can_be_accessed_by_public_users(self):
self.logout()
table = db.session.query(SqlaTable).filter_by(table_name="birth_names").one()
self.grant_public_access_to_table(table)
@ -188,7 +191,7 @@ class TestDashboard(SupersetTestCase):
@pytest.mark.usefixtures("load_energy_table_with_slice", "load_dashboard")
def test_users_can_list_published_dashboard(self):
self.login("alpha")
self.login(ALPHA_USERNAME)
resp = self.get_resp("/api/v1/dashboard/")
assert f"/superset/dashboard/{pytest.hidden_dash_slug}/" not in resp
assert f"/superset/dashboard/{pytest.published_dash_slug}/" in resp
@ -225,7 +228,6 @@ class TestDashboard(SupersetTestCase):
def test_user_can_not_view_unpublished_dash(self):
admin_user = security_manager.find_user("admin")
gamma_user = security_manager.find_user("gamma")
slug = f"admin_owned_unpublished_dash_{random()}"
# Create a dashboard owned by admin and unpublished
@ -238,7 +240,7 @@ class TestDashboard(SupersetTestCase):
db.session.commit()
# list dashboards as a gamma user
self.login(gamma_user.username)
self.login(GAMMA_USERNAME)
resp = self.get_resp("/api/v1/dashboard/")
db.session.delete(dash)

169
tests/integration_tests/dashboards/api_tests.py
View File

@ -37,9 +37,14 @@ from superset.reports.models import ReportSchedule, ReportScheduleType
from superset.models.slice import Slice
from superset.utils.core import backend, override_user
from tests.integration_tests.conftest import with_feature_flags
from tests.integration_tests.base_api_tests import ApiOwnersTestCaseMixin
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.conftest import with_feature_flags
from tests.integration_tests.constants import (
ADMIN_USERNAME,
ALPHA_USERNAME,
GAMMA_USERNAME,
)
from tests.integration_tests.fixtures.importexport import (
chart_config,
database_config,
@ -162,7 +167,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_get_dashboard_datasets(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/world_health/datasets"
response = self.get_assert_metric(uri, "get_datasets")
self.assertEqual(response.status_code, 200)
@ -179,7 +184,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
@patch("superset.dashboards.schemas.security_manager.has_guest_access")
@patch("superset.dashboards.schemas.security_manager.is_guest_user")
def test_get_dashboard_datasets_as_guest(self, is_guest_user, has_guest_access):
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/world_health/datasets"
is_guest_user = True
has_guest_access = True
@ -197,7 +202,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_get_dashboard_datasets_not_found(self):
self.login(username="alpha")
self.login(ALPHA_USERNAME)
uri = "api/v1/dashboard/not_found/datasets"
response = self.get_assert_metric(uri, "get_datasets")
self.assertEqual(response.status_code, 404)
@ -218,7 +223,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
gamma_role.permissions.append(data_access_pvm)
db.session.commit()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
dashboard = self.dashboards[0]
dashboard.published = True
db.session.commit()
@ -235,7 +240,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
@pytest.mark.usefixtures("create_dashboards")
def get_dashboard_by_slug(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
dashboard = self.dashboards[0]
uri = f"api/v1/dashboard/{dashboard.slug}"
response = self.get_assert_metric(uri, "get")
@ -245,7 +250,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
@pytest.mark.usefixtures("create_dashboards")
def get_dashboard_by_bad_slug(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
dashboard = self.dashboards[0]
uri = f"api/v1/dashboard/{dashboard.slug}-bad-slug"
response = self.get_assert_metric(uri, "get")
@ -256,7 +261,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
All users should have access to dashboards without roles
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
dashboard = self.dashboards[0]
uri = f"api/v1/dashboard/{dashboard.slug}"
response = self.get_assert_metric(uri, "get")
@ -267,7 +272,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test getting charts belonging to a dashboard
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
dashboard = self.dashboards[0]
uri = f"api/v1/dashboard/{dashboard.id}/charts"
response = self.get_assert_metric(uri, "get_charts")
@ -295,7 +300,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test getting charts belonging to a dashboard
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
dashboard = self.dashboards[0]
uri = f"api/v1/dashboard/{dashboard.slug}/charts"
response = self.get_assert_metric(uri, "get_charts")
@ -311,7 +316,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test getting charts belonging to a dashboard that does not exist
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
bad_id = self.get_nonexistent_numeric_id(Dashboard)
uri = f"api/v1/dashboard/{bad_id}/charts"
response = self.get_assert_metric(uri, "get_charts")
@ -319,7 +324,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_get_dashboard_datasets_not_allowed(self):
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = "api/v1/dashboard/world_health/datasets"
response = self.get_assert_metric(uri, "get_datasets")
self.assertEqual(response.status_code, 404)
@ -340,7 +345,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
gamma_role.permissions.append(data_access_pvm)
db.session.commit()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
dashboard = self.dashboards[0]
dashboard.published = True
@ -361,7 +366,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test getting charts belonging to a dashboard without any charts
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
# the fixture setup assigns no charts to the second half of dashboards
uri = f"api/v1/dashboard/{self.dashboards[-1].id}/charts"
response = self.get_assert_metric(uri, "get_charts")
@ -377,7 +382,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
dashboard = self.insert_dashboard(
"title", "slug1", [admin.id], created_by=admin
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard.id}"
rv = self.get_assert_metric(uri, "get")
self.assertEqual(rv.status_code, 200)
@ -440,7 +445,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
)
is_guest_user.return_value = True
has_guest_access.return_value = True
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard.id}"
rv = self.get_assert_metric(uri, "get")
self.assertEqual(rv.status_code, 200)
@ -455,7 +460,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test info
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/_info"
rv = self.get_assert_metric(uri, "info")
self.assertEqual(rv.status_code, 200)
@ -464,7 +469,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test info security
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
params = {"keys": ["permissions"]}
uri = f"api/v1/dashboard/_info?q={prison.dumps(params)}"
rv = self.get_assert_metric(uri, "info")
@ -485,7 +490,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
Dashboard API: Test get dashboard not found
"""
bad_id = self.get_nonexistent_numeric_id(Dashboard)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{bad_id}"
rv = self.get_assert_metric(uri, "get")
self.assertEqual(rv.status_code, 404)
@ -497,7 +502,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
admin = self.get_user("admin")
dashboard = self.insert_dashboard("title", "slug1", [admin.id])
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = f"api/v1/dashboard/{dashboard.id}"
rv = self.client.get(uri)
assert rv.status_code == 404
@ -516,7 +521,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
admin = self.get_user("admin")
dashboard = self.insert_dashboard("title", "slug1", [admin.id])
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"order_column": "changed_on_delta_humanized",
@ -544,7 +549,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
gamma = self.get_user("gamma")
dashboard = self.insert_dashboard("title", "slug1", [admin.id, gamma.id])
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"filters": [{"col": "dashboard_title", "opr": "sw", "value": "ti"}]
@ -586,7 +591,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"keys": ["none"],
"columns": ["dashboard_title", "slug"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -612,7 +617,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
assert data["result"] == expected_response
self.logout()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = f"api/v1/dashboard/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -642,7 +647,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"keys": ["none"],
"columns": ["dashboard_title"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
assert rv.status_code == 200
@ -674,7 +679,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
assert users_favorite_ids
arguments = [dash.id for dash in db.session.query(Dashboard.id).all()]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/favorite_status/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
@ -697,7 +702,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
db.session.add(dashboard)
db.session.commit()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/favorite_status/?q={prison.dumps([dashboard.id])}"
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
@ -730,7 +735,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
db.session.add(dashboard)
db.session.commit()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard.id}/favorites/"
self.client.post(uri)
@ -775,7 +780,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"columns": ["dashboard_title"],
}
uri = f"api/v1/dashboard/?q={prison.dumps(arguments)}"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
assert rv.status_code == 200
@ -798,7 +803,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"keys": ["none"],
"columns": ["dashboard_title"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
@ -819,7 +824,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"keys": ["none"],
"columns": ["dashboard_title"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
@ -843,7 +848,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"page_size": 100,
}
uri = f"api/v1/dashboard/?q={prison.dumps(query)}"
self.login(username="gamma")
self.login(GAMMA_USERNAME)
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
assert rv.status_code == 200
@ -899,7 +904,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
admin_id = self.get_user("admin").id
dashboard_id = self.insert_dashboard("title", "slug1", [admin_id]).id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard_id}"
rv = self.delete_assert_metric(uri, "delete")
self.assertEqual(rv.status_code, 200)
@ -921,7 +926,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
[admin_id],
).id
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = dashboard_ids
uri = f"api/v1/dashboard/?q={prison.dumps(argument)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
@ -978,7 +983,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
Dashboard API: Test delete bulk bad request
"""
dashboard_ids = [1, "a"]
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = dashboard_ids
uri = f"api/v1/dashboard/?q={prison.dumps(argument)}"
rv = self.client.delete(uri)
@ -988,7 +993,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test not found delete
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
dashboard_id = 1000
uri = f"api/v1/dashboard/{dashboard_id}"
rv = self.client.delete(uri)
@ -999,7 +1004,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test delete with associated report
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
dashboard = (
db.session.query(Dashboard.id)
.filter(Dashboard.dashboard_title == "dashboard_report")
@ -1019,7 +1024,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
Dashboard API: Test delete bulk not found
"""
dashboard_ids = [1001, 1002]
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = dashboard_ids
uri = f"api/v1/dashboard/?q={prison.dumps(argument)}"
rv = self.client.delete(uri)
@ -1030,7 +1035,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test bulk delete with associated report
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
dashboard_with_report = (
db.session.query(Dashboard.id)
.filter(Dashboard.dashboard_title == "dashboard_report")
@ -1060,7 +1065,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
gamma_id = self.get_user("gamma").id
dashboard_id = self.insert_dashboard("title", "slug1", [gamma_id]).id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard_id}"
rv = self.client.delete(uri)
self.assertEqual(rv.status_code, 200)
@ -1083,7 +1088,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
).id
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = dashboard_ids
uri = f"api/v1/dashboard/?q={prison.dumps(argument)}"
rv = self.client.delete(uri)
@ -1199,7 +1204,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"json_metadata": '{"refresh_frequency": 30}',
"published": True,
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/"
rv = self.post_assert_metric(uri, dashboard_data, "post")
self.assertEqual(rv.status_code, 201)
@ -1213,7 +1218,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
Dashboard API: Test create simple dashboard
"""
dashboard_data = {"dashboard_title": "title1"}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/"
rv = self.client.post(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 201)
@ -1227,7 +1232,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
Dashboard API: Test create empty
"""
dashboard_data = {}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/"
rv = self.client.post(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 201)
@ -1237,7 +1242,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
db.session.commit()
dashboard_data = {"dashboard_title": ""}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/"
rv = self.client.post(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 201)
@ -1251,7 +1256,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
Dashboard API: Test create dashboard validate title
"""
dashboard_data = {"dashboard_title": "a" * 600}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/"
rv = self.post_assert_metric(uri, dashboard_data, "post")
self.assertEqual(rv.status_code, 400)
@ -1267,7 +1272,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
admin_id = self.get_user("admin").id
dashboard = self.insert_dashboard("title1", "slug1", [admin_id])
self.login(username="admin")
self.login(ADMIN_USERNAME)
# Check for slug uniqueness
dashboard_data = {"dashboard_title": "title2", "slug": "slug1"}
@ -1295,7 +1300,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
Dashboard API: Test create validate owners
"""
dashboard_data = {"dashboard_title": "title1", "owners": [1000]}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/"
rv = self.client.post(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 422)
@ -1308,7 +1313,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
Dashboard API: Test create validate roles
"""
dashboard_data = {"dashboard_title": "title1", "roles": [1000]}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/"
rv = self.client.post(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 422)
@ -1321,13 +1326,13 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
Dashboard API: Test create validate json
"""
dashboard_data = {"dashboard_title": "title1", "position_json": '{"A:"a"}'}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/"
rv = self.client.post(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 400)
dashboard_data = {"dashboard_title": "title1", "json_metadata": '{"A:"a"}'}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/"
rv = self.client.post(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 400)
@ -1336,7 +1341,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"dashboard_title": "title1",
"json_metadata": '{"refresh_frequency": "A"}',
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/"
rv = self.client.post(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 400)
@ -1350,7 +1355,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
dashboard_id = self.insert_dashboard(
"title1", "slug1", [admin.id], roles=[admin_role.id]
).id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard_id}"
rv = self.put_assert_metric(uri, self.dashboard_data, "put")
self.assertEqual(rv.status_code, 200)
@ -1377,7 +1382,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"title1", "slug1", [admin.id], roles=[admin_role.id]
).id
model = db.session.query(Dashboard).get(dashboard_id)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard_id}"
dashboard_data = {"dashboard_title": "title2"}
rv = self.client.put(uri, json=dashboard_data)
@ -1404,7 +1409,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"title1", "slug1", [admin.id], roles=[admin_role.id]
).id
model = db.session.query(Dashboard).get(dashboard_id)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard_id}"
dashboard_data = {"dashboard_title": "title2"}
rv = self.client.put(uri, json=dashboard_data)
@ -1460,7 +1465,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
}
),
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard.id}"
rv = self.client.put(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 200)
@ -1485,7 +1490,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
admin_id = self.get_user("admin").id
dashboard_id = self.insert_dashboard("title1", "slug1", [admin_id]).id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard_id}"
rv = self.client.put(
uri, json={"json_metadata": self.dashboard_data["json_metadata"]}
@ -1516,7 +1521,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
alpha = self.get_user("alpha")
dashboard_id = self.insert_dashboard("title1", "slug1", [alpha.id]).id
dashboard_data = {"dashboard_title": "title1_changed", "owners": [gamma.id]}
self.login(username="alpha")
self.login(ALPHA_USERNAME)
uri = f"api/v1/dashboard/{dashboard_id}"
rv = self.client.put(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 200)
@ -1537,7 +1542,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
admin = self.get_user("admin")
dashboard_id = self.insert_dashboard("title1", "slug1", [admin.id]).id
dashboard_data = {"dashboard_title": "title1_changed", "owners": [gamma.id]}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard_id}"
rv = self.client.put(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 200)
@ -1594,7 +1599,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
admin_id = self.get_user("admin").id
dashboard_id = self.insert_dashboard("title1", "slug1", [admin_id]).id
dashboard_data = {"dashboard_title": "title1_changed", "slug": "slug1 changed"}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard_id}"
rv = self.client.put(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 200)
@ -1612,7 +1617,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
dashboard1 = self.insert_dashboard("title1", "slug-1", [admin_id])
dashboard2 = self.insert_dashboard("title2", "slug-2", [admin_id])
self.login(username="admin")
self.login(ADMIN_USERNAME)
# Check for slug uniqueness
dashboard_data = {"dashboard_title": "title2", "slug": "slug 1"}
uri = f"api/v1/dashboard/{dashboard2.id}"
@ -1628,7 +1633,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
dashboard1 = self.insert_dashboard("title1", None, [admin_id])
dashboard2 = self.insert_dashboard("title2", None, [admin_id])
self.login(username="admin")
self.login(ADMIN_USERNAME)
# Accept empty slugs and don't validate them has unique
dashboard_data = {"dashboard_title": "title2_changed", "slug": ""}
uri = f"api/v1/dashboard/{dashboard2.id}"
@ -1648,7 +1653,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
dashboard = self.insert_dashboard("title1", "slug1", [admin.id, gamma.id])
dashboard_data = {"published": True}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{dashboard.id}"
rv = self.client.put(uri, json=dashboard_data)
self.assertEqual(rv.status_code, 200)
@ -1697,7 +1702,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test dashboard export
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
dashboards_ids = get_dashboards_ids(["world_health", "births"])
uri = f"api/v1/dashboard/export/?q={prison.dumps(dashboards_ids)}"
@ -1711,7 +1716,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test dashboard export not found
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = [1000]
uri = f"api/v1/dashboard/export/?q={prison.dumps(argument)}"
rv = self.client.get(uri)
@ -1724,7 +1729,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
admin_id = self.get_user("admin").id
dashboard = self.insert_dashboard("title", "slug1", [admin_id], published=False)
self.login(username="gamma")
self.login(GAMMA_USERNAME)
argument = [dashboard.id]
uri = f"api/v1/dashboard/export/?q={prison.dumps(argument)}"
rv = self.client.get(uri)
@ -1739,7 +1744,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
dashboards_ids = get_dashboards_ids(["world_health", "births"])
uri = f"api/v1/dashboard/export/?q={prison.dumps(dashboards_ids)}"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get(uri)
assert rv.status_code == 200
@ -1751,7 +1756,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test dashboard export not found
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = [1000]
uri = f"api/v1/dashboard/export/?q={prison.dumps(argument)}"
rv = self.client.get(uri)
@ -1764,7 +1769,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
admin_id = self.get_user("admin").id
dashboard = self.insert_dashboard("title", "slug1", [admin_id], published=False)
self.login(username="gamma")
self.login(GAMMA_USERNAME)
argument = [dashboard.id]
uri = f"api/v1/dashboard/export/?q={prison.dumps(argument)}"
rv = self.client.get(uri)
@ -1777,7 +1782,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test import dashboard
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/import/"
buf = self.create_dashboard_import()
@ -1815,7 +1820,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test import invalid dashboard file
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/import/"
buf = self.create_invalid_dashboard_import()
@ -1850,7 +1855,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
def test_import_dashboard_v0_export(self):
num_dashboards = db.session.query(Dashboard).count()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/import/"
buf = BytesIO()
@ -1881,7 +1886,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test import existing dashboard
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/import/"
buf = self.create_dashboard_import()
@ -1955,7 +1960,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
Dashboard API: Test import invalid dashboard
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/import/"
buf = BytesIO()
@ -2011,7 +2016,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
API: Test get filter related roles
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/related/roles"
rv = self.client.get(uri)
@ -2029,7 +2034,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
API: Test get filter related roles
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = {"filter": "alpha"}
uri = f"api/v1/dashboard/related/roles?q={prison.dumps(argument)}"
@ -2045,7 +2050,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"""
API: Test get filter related roles with extra related query filters
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
def _base_filter(query):
return query.filter_by(name="Alpha")
@ -2063,7 +2068,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_embedded_dashboards(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dashboard/world_health/embedded"
# initial get should return 404
@ -2139,7 +2144,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"keys": ["none"],
"columns": ["dashboard_title"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
@ -2160,7 +2165,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
"keys": ["none"],
"columns": ["dashboard_title"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/?q={prison.dumps(arguments)}"
rv = self.get_assert_metric(uri, "get_list")
@ -2172,7 +2177,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_copy_dashboard(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
original_dash = (
db.session.query(Dashboard).filter_by(slug="world_health").first()
)
@ -2215,7 +2220,7 @@ class TestDashboardApi(ApiOwnersTestCaseMixin, InsertChartMixin, SupersetTestCas
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_copy_dashboard_duplicate_slices(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
original_dash = (
db.session.query(Dashboard).filter_by(slug="world_health").first()
)

3
tests/integration_tests/dashboards/base_case.py
View File

@ -79,7 +79,4 @@ class DashboardTestCase(SupersetTestCase):
def clean_created_objects(self):
with app.test_request_context():
self.logout()
self.login("admin")
delete_all_inserted_objects()
self.logout()

3
tests/integration_tests/dashboards/consts.py
View File

@ -32,9 +32,6 @@ GET_CHARTS_API_URL = "/api/v1/chart/"
GAMMA_ROLE_NAME = "Gamma"
ADMIN_USERNAME = "admin"
GAMMA_USERNAME = "gamma"
DASHBOARD_SLUG_OF_ACCESSIBLE_TABLE = "births"
DEFAULT_DASHBOARD_SLUG_TO_TEST = "births"
WORLD_HEALTH_SLUG = "world_health"

1
tests/integration_tests/dashboards/dao_tests.py
View File

@ -39,7 +39,6 @@ class TestDashboardDAO(SupersetTestCase):
def test_get_dashboard_changed_on(self, mock_sm_g, mock_g):
mock_g.user = mock_sm_g.user = security_manager.find_user("admin")
with self.client.application.test_request_context():
self.login(username="admin")
dashboard = (
db.session.query(Dashboard).filter_by(slug="world_health").first()
)

1
tests/integration_tests/dashboards/security/base_case.py
View File

@ -26,6 +26,7 @@ from tests.integration_tests.dashboards.base_case import DashboardTestCase
class BaseTestDashboardSecurity(DashboardTestCase):
def tearDown(self) -> None:
self.clean_created_objects()
super().tearDown()
def assert_dashboard_api_response(
self, response: Response, dashboard_to_access: Dashboard

5
tests/integration_tests/dashboards/security/security_dataset_tests.py
View File

@ -23,6 +23,7 @@ from flask import escape
from superset import app
from superset.daos.dashboard import DashboardDAO
from tests.integration_tests.constants import ADMIN_USERNAME, GAMMA_USERNAME
from tests.integration_tests.dashboards.base_case import DashboardTestCase
from tests.integration_tests.dashboards.consts import *
from tests.integration_tests.dashboards.dashboard_test_utils import *
@ -72,7 +73,7 @@ class TestDashboardDatasetSecurity(DashboardTestCase):
def test_dashboard_access__admin_can_access_all(self):
# arrange
self.login(username=ADMIN_USERNAME)
self.login(ADMIN_USERNAME)
dashboard_title_by_url = {
dash.url: dash.dashboard_title for dash in get_all_dashboards()
}
@ -183,7 +184,7 @@ class TestDashboardDatasetSecurity(DashboardTestCase):
title = f"title{random_str()}"
dashboard = create_dashboard_to_db(title, "slug1", owners=[admin])
self.login(username="gamma")
self.login(GAMMA_USERNAME)
arguments = {
"filters": [{"col": "dashboard_title", "opr": "sw", "value": title[0:8]}]
}

41
tests/integration_tests/dashboards/security/security_rbac_tests.py
View File

@ -25,6 +25,11 @@ from superset.commands.dashboard.exceptions import DashboardForbiddenError
from superset.daos.dashboard import DashboardDAO
from superset.utils.core import backend, override_user
from tests.integration_tests.conftest import with_feature_flags
from tests.integration_tests.constants import (
ADMIN_USERNAME,
GAMMA_SQLLAB_USERNAME,
GAMMA_USERNAME,
)
from tests.integration_tests.dashboards.dashboard_test_utils import *
from tests.integration_tests.dashboards.security.base_case import (
BaseTestDashboardSecurity,
@ -59,7 +64,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
dashboard_to_access = create_dashboard_to_db(
owners=[], slices=[create_slice_to_db()], published=False
)
self.login("admin")
self.login(ADMIN_USERNAME)
# act
response = self.get_dashboard_view_response(dashboard_to_access)
@ -137,7 +142,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
.one_or_none()
)
dashboard = create_dashboard_to_db(published=True, slices=[slice])
self.login("gamma")
self.login(GAMMA_USERNAME)
# assert redirect on regular rbac access denied
response = self.get_dashboard_view_response(dashboard)
@ -160,7 +165,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
.one_or_none()
)
dashboard = create_dashboard_to_db(published=True, slices=[slice])
self.login("gamma_sqllab")
self.login(GAMMA_SQLLAB_USERNAME)
response = self.get_dashboard_view_response(dashboard)
@ -208,7 +213,6 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
def test_get_dashboard_view__public_user_can_not_access_without_permission(self):
dashboard_to_access = create_dashboard_to_db(published=True)
grant_access_to_dashboard(dashboard_to_access, "Alpha")
self.logout()
# act
response = self.get_dashboard_view_response(dashboard_to_access)
@ -223,7 +227,6 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
# arrange
dashboard_to_access = create_dashboard_to_db(published=False)
grant_access_to_dashboard(dashboard_to_access, "Public")
self.logout()
# act
response = self.get_dashboard_view_response(dashboard_to_access)
@ -241,8 +244,6 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
)
grant_access_to_dashboard(dashboard_to_access, "Public")
self.logout()
# act
response = self.get_dashboard_view_response(dashboard_to_access)
@ -272,8 +273,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
slices=[create_slice_to_db(datasource_id=table.id)], published=True
)
]
self.login(username)
return not_owned_dashboards, owned_dashboards
return username, not_owned_dashboards, owned_dashboards
def _create_sample_only_published_dashboard_with_roles(self):
username = random_str()
@ -289,8 +289,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
]
for dash in published_dashboards + draft_dashboards:
grant_access_to_dashboard(dash, new_role)
self.login(username)
return new_role, draft_dashboards, published_dashboards
return username, new_role, draft_dashboards, published_dashboards
def test_get_dashboards_api__admin_get_all_dashboards(self):
# arrange
@ -299,7 +298,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
)
dashboard_counts = count_dashboards()
self.login("admin")
self.login(ADMIN_USERNAME)
# act
response = self.get_dashboards_api_response()
@ -310,10 +309,13 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
def test_get_dashboards_api__owner_get_all_owned_dashboards(self):
# arrange
(
username,
not_owned_dashboards,
owned_dashboards,
) = self._create_sample_dashboards_with_owner_access()
self.login(username)
# act
response = self.get_dashboards_api_response()
@ -337,11 +339,14 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
def test_get_dashboards_api__user_get_only_published_permitted_dashboards(self):
(
username,
new_role,
draft_dashboards,
published_dashboards,
) = self._create_sample_only_published_dashboard_with_roles()
self.login(username)
# act
response = self.get_dashboards_api_response()
@ -362,7 +367,6 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
self,
):
create_dashboard_to_db(published=True)
self.logout()
# act
response = self.get_dashboards_api_response()
@ -387,8 +391,6 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
for dash in published_dashboards + draft_dashboards:
grant_access_to_dashboard(dash, "Public")
self.logout()
# act
response = self.get_dashboards_api_response()
@ -422,7 +424,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
assert not dashboard_to_access.published
assert dashboard_to_access.roles == []
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = f"api/v1/dashboard/{dashboard_to_access.uuid}"
rv = self.client.get(uri)
assert rv.status_code == 403
@ -439,7 +441,7 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
assert not dashboard.published
assert dashboard.roles == [admin_role]
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = f"api/v1/dashboard/{dashboard.uuid}"
rv = self.client.get(uri)
assert rv.status_code == 403
@ -473,15 +475,14 @@ class TestDashboardRoleBasedSecurity(BaseTestDashboardSecurity):
),
}
self.login(username="gamma")
self.login(GAMMA_USERNAME)
rv = self.client.post(uri, json=data)
self.assertEqual(rv.status_code, 403)
self.logout()
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.post(uri, json=data)
self.assertEqual(rv.status_code, 200)
self.logout()
response = json.loads(rv.data.decode("utf-8"))
target = (

211
tests/integration_tests/databases/api_tests.py
View File

@ -50,6 +50,7 @@ from superset.models.core import Database, ConfigurationMethod
from superset.reports.models import ReportSchedule, ReportScheduleType
from superset.utils.database import get_example_database, get_main_database
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME, GAMMA_USERNAME
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -183,7 +184,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test get items
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -227,7 +228,7 @@ class TestDatabaseApi(SupersetTestCase):
)
dbs = db.session.query(Database).filter_by(expose_in_sqllab=True).all()
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"keys": ["none"],
"filters": [{"col": "expose_in_sqllab", "opr": "eq", "value": True}],
@ -250,7 +251,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test get items not allowed
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = "api/v1/database/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -268,7 +269,7 @@ class TestDatabaseApi(SupersetTestCase):
"schemas_allowed_for_file_upload": [],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
if example_db.backend == "sqlite":
return
@ -307,7 +308,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: Test create with SSH Tunnel
"""
mock_create_is_feature_enabled.return_value = True
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
if example_db.backend == "sqlite":
return
@ -410,7 +411,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
mock_create_is_feature_enabled.return_value = True
mock_update_is_feature_enabled.return_value = True
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
if example_db.backend == "sqlite":
return
@ -619,7 +620,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
mock_create_is_feature_enabled.return_value = True
mock_update_is_feature_enabled.return_value = True
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
if example_db.backend == "sqlite":
@ -696,7 +697,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: SSH Tunnel gets deleted if Database gets deleted
"""
mock_create_is_feature_enabled.return_value = True
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
if example_db.backend == "sqlite":
return
@ -752,7 +753,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: Test rollback is called if SSH Tunnel creation fails
"""
mock_create_is_feature_enabled.return_value = True
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
if example_db.backend == "sqlite":
return
@ -799,7 +800,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: Test GET Database returns its related SSH Tunnel
"""
mock_create_is_feature_enabled.return_value = True
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
if example_db.backend == "sqlite":
return
@ -851,7 +852,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test raises SSHTunneling feature flag not enabled
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
if example_db.backend == "sqlite":
return
@ -897,7 +898,7 @@ class TestDatabaseApi(SupersetTestCase):
with database.get_sqla_engine_with_context() as engine:
engine.execute(query)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{database.id}/table/{table_name}/null/"
rv = self.client.get(uri)
@ -914,7 +915,7 @@ class TestDatabaseApi(SupersetTestCase):
"schemas_allowed_for_file_upload": [],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
if example_db.backend == "sqlite":
return
@ -949,7 +950,7 @@ class TestDatabaseApi(SupersetTestCase):
"schemas_allowed_for_file_upload": [],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
if example_db.backend == "sqlite":
return
@ -974,7 +975,7 @@ class TestDatabaseApi(SupersetTestCase):
if example_db.backend == "sqlite":
return
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {
"database_name": "test-create-database-invalid-cert",
"sqlalchemy_uri": example_db.sqlalchemy_uri_decrypted,
@ -997,7 +998,7 @@ class TestDatabaseApi(SupersetTestCase):
if example_db.backend == "sqlite":
return
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {
"database_name": "test-create-database-invalid-json",
"sqlalchemy_uri": example_db.sqlalchemy_uri_decrypted,
@ -1038,7 +1039,7 @@ class TestDatabaseApi(SupersetTestCase):
"metadata_cache_timeout": {},
"schemas_allowed_for_file_upload": [],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {
"database_name": "test-create-database-invalid-extra",
"sqlalchemy_uri": example_db.sqlalchemy_uri_decrypted,
@ -1068,7 +1069,7 @@ class TestDatabaseApi(SupersetTestCase):
if example_db.backend == "sqlite":
return
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {
"database_name": "examples",
"sqlalchemy_uri": example_db.sqlalchemy_uri_decrypted,
@ -1090,7 +1091,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test create fail validate sqlalchemy uri
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {
"database_name": "test-database-invalid-uri",
"sqlalchemy_uri": "wrong_uri",
@ -1121,7 +1122,7 @@ class TestDatabaseApi(SupersetTestCase):
}
uri = "api/v1/database/"
self.login(username="admin")
self.login(ADMIN_USERNAME)
response = self.client.post(uri, json=database_data)
response_data = json.loads(response.data.decode("utf-8"))
expected_response = {
@ -1150,7 +1151,7 @@ class TestDatabaseApi(SupersetTestCase):
}
uri = "api/v1/database/"
self.login(username="admin")
self.login(ADMIN_USERNAME)
response = self.client.post(uri, json=database_data)
response_data = json.loads(response.data.decode("utf-8"))
superset_error_mysql = SupersetError(
@ -1211,7 +1212,7 @@ class TestDatabaseApi(SupersetTestCase):
test_database = self.insert_database(
"test-database", example_db.sqlalchemy_uri_decrypted
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {
"database_name": "test-database-updated",
"configuration_method": ConfigurationMethod.SQLALCHEMY_FORM,
@ -1241,7 +1242,7 @@ class TestDatabaseApi(SupersetTestCase):
}
uri = f"api/v1/database/{test_database.id}"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.put(uri, json=database_data)
response = json.loads(rv.data.decode("utf-8"))
expected_response = {
@ -1266,7 +1267,7 @@ class TestDatabaseApi(SupersetTestCase):
"test-database2", example_db.sqlalchemy_uri_decrypted
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {"database_name": "test-database2"}
uri = f"api/v1/database/{test_database1.id}"
rv = self.client.put(uri, json=database_data)
@ -1287,7 +1288,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test update invalid request
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {"database_name": "test-database-updated"}
uri = "api/v1/database/invalid"
rv = self.client.put(uri, json=database_data)
@ -1302,7 +1303,7 @@ class TestDatabaseApi(SupersetTestCase):
"test-database", example_db.sqlalchemy_uri_decrypted
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {
"database_name": "test-database-updated",
"sqlalchemy_uri": "wrong_uri",
@ -1327,7 +1328,7 @@ class TestDatabaseApi(SupersetTestCase):
test_database = self.insert_database(
"test-database", example_db.sqlalchemy_uri_decrypted
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {
"database_name": "test-database-updated",
"configuration_method": "BAD_FORM",
@ -1355,7 +1356,7 @@ class TestDatabaseApi(SupersetTestCase):
test_database = self.insert_database(
"test-database", example_db.sqlalchemy_uri_decrypted
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_data = {
"database_name": "test-database-updated",
}
@ -1371,7 +1372,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: Test delete
"""
database_id = self.insert_database("test-database", "test_uri").id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{database_id}"
rv = self.delete_assert_metric(uri, "delete")
self.assertEqual(rv.status_code, 200)
@ -1383,7 +1384,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: Test delete not found
"""
max_id = db.session.query(func.max(Database.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{max_id + 1}"
rv = self.delete_assert_metric(uri, "delete")
self.assertEqual(rv.status_code, 404)
@ -1393,7 +1394,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test delete fails because it has depending datasets
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{self._database.id}"
rv = self.delete_assert_metric(uri, "delete")
self.assertEqual(rv.status_code, 422)
@ -1403,7 +1404,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test delete with associated report
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = (
db.session.query(Database)
.filter(Database.database_name == "database_with_report")
@ -1424,7 +1425,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: Test get table metadata info
"""
example_db = get_example_database()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{example_db.id}/table/birth_names/null/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -1438,7 +1439,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test info security
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
params = {"keys": ["permissions"]}
uri = f"api/v1/database/_info?q={prison.dumps(params)}"
rv = self.get_assert_metric(uri, "info")
@ -1451,7 +1452,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: Test get invalid database from table metadata
"""
database_id = 1000
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{database_id}/table/some_table/some_schema/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 404)
@ -1466,7 +1467,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
example_db = get_example_database()
uri = f"api/v1/database/{example_db.id}/table/wrong_table/null/"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
if example_db.backend == "sqlite":
@ -1494,7 +1495,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test get table metadata from not permitted db
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
example_db = get_example_database()
uri = f"api/v1/database/{example_db.id}/birth_names/null/"
rv = self.client.get(uri)
@ -1506,7 +1507,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: Test get table extra metadata info
"""
example_db = get_example_database()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{example_db.id}/table_extra/birth_names/null/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -1518,7 +1519,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: Test get invalid database from table extra metadata
"""
database_id = 1000
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{database_id}/table_extra/some_table/some_schema/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 404)
@ -1533,7 +1534,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
example_db = get_example_database()
uri = f"api/v1/database/{example_db.id}/table_extra/wrong_table/null/"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
@ -1545,7 +1546,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test get select star
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
uri = f"api/v1/database/{example_db.id}/select_star/birth_names/"
rv = self.client.get(uri)
@ -1555,7 +1556,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test get select star not allowed
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
example_db = get_example_database()
uri = f"api/v1/database/{example_db.id}/select_star/birth_names/"
rv = self.client.get(uri)
@ -1577,7 +1578,7 @@ class TestDatabaseApi(SupersetTestCase):
gamma_role = security_manager.find_role("Gamma")
security_manager.add_permission_role(gamma_role, tmp_table_perm)
self.login(username="gamma")
self.login(GAMMA_USERNAME)
main_db = get_main_database()
uri = f"api/v1/database/{main_db.id}/select_star/ab_permission/"
rv = self.client.get(uri)
@ -1593,7 +1594,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test get select star not found database
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
max_id = db.session.query(func.max(Database.id)).scalar()
uri = f"api/v1/database/{max_id + 1}/select_star/birth_names/"
rv = self.client.get(uri)
@ -1603,7 +1604,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test get select star not found database
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
# sqlite will not raise a NoSuchTableError
if example_db.backend == "sqlite":
@ -1626,7 +1627,7 @@ class TestDatabaseApi(SupersetTestCase):
"metadata_cache_timeout": {},
"schemas_allowed_for_file_upload": ["public"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = self.insert_database(
"database_with_upload",
example_db.sqlalchemy_uri_decrypted,
@ -1667,7 +1668,7 @@ class TestDatabaseApi(SupersetTestCase):
"metadata_cache_timeout": {},
"schemas_allowed_for_file_upload": [],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = self.insert_database(
"database_with_upload",
example_db.sqlalchemy_uri_decrypted,
@ -1708,7 +1709,7 @@ class TestDatabaseApi(SupersetTestCase):
"metadata_cache_timeout": {},
"schemas_allowed_for_file_upload": ["public"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = self.insert_database(
"database_with_upload",
example_db.sqlalchemy_uri_decrypted,
@ -1749,7 +1750,7 @@ class TestDatabaseApi(SupersetTestCase):
"metadata_cache_timeout": {},
"schemas_allowed_for_file_upload": [],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = self.insert_database(
"database_with_upload",
example_db.sqlalchemy_uri_decrypted,
@ -1783,7 +1784,7 @@ class TestDatabaseApi(SupersetTestCase):
with self.create_app().app_context():
example_db = get_example_database()
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = self.insert_database(
"database_with_upload",
example_db.sqlalchemy_uri_decrypted,
@ -1829,7 +1830,7 @@ class TestDatabaseApi(SupersetTestCase):
"metadata_cache_timeout": {},
"schemas_allowed_for_file_upload": [],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = self.insert_database(
"database_with_upload",
example_db.sqlalchemy_uri_decrypted,
@ -1868,7 +1869,7 @@ class TestDatabaseApi(SupersetTestCase):
Both databases have false allow_file_upload
"""
with self.create_app().app_context():
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"columns": ["allow_file_upload"],
"filters": [
@ -1897,7 +1898,7 @@ class TestDatabaseApi(SupersetTestCase):
"metadata_cache_timeout": {},
"schemas_allowed_for_file_upload": ["public"],
}
self.login(username="gamma")
self.login(GAMMA_USERNAME)
database = self.insert_database(
"database_with_upload",
example_db.sqlalchemy_uri_decrypted,
@ -1945,7 +1946,7 @@ class TestDatabaseApi(SupersetTestCase):
gamma_role = security_manager.find_role("Gamma")
security_manager.add_permission_role(gamma_role, tmp_table_perm)
self.login(username="gamma")
self.login(GAMMA_USERNAME)
arguments = {
"columns": ["allow_file_upload"],
@ -1972,7 +1973,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test database schemas
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = db.session.query(Database).filter_by(database_name="examples").one()
schemas = database.get_all_schema_names()
@ -1990,8 +1991,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test database schemas not found
"""
self.logout()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
example_db = get_example_database()
uri = f"api/v1/database/{example_db.id}/schemas/"
rv = self.client.get(uri)
@ -2001,7 +2001,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test database schemas with invalid query
"""
self.login("admin")
self.login(ADMIN_USERNAME)
database = db.session.query(Database).first()
rv = self.client.get(
f"api/v1/database/{database.id}/schemas/?q={prison.dumps({'force': 'nop'})}"
@ -2012,7 +2012,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test database tables
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = db.session.query(Database).filter_by(database_name="examples").one()
schema_name = self.default_schema_backend_map[database.backend]
@ -2036,8 +2036,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test database tables not found
"""
self.logout()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
example_db = get_example_database()
uri = f"api/v1/database/{example_db.id}/tables/?q={prison.dumps({'schema_name': 'non_existent'})}"
rv = self.client.get(uri)
@ -2047,7 +2046,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test database tables with invalid query
"""
self.login("admin")
self.login(ADMIN_USERNAME)
database = db.session.query(Database).first()
rv = self.client.get(
f"api/v1/database/{database.id}/tables/?q={prison.dumps({'force': 'nop'})}"
@ -2059,7 +2058,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test database tables with unexpected error
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = db.session.query(Database).filter_by(database_name="examples").one()
mock_can_access_database.side_effect = Exception("Test Error")
@ -2080,7 +2079,7 @@ class TestDatabaseApi(SupersetTestCase):
}
# need to temporarily allow sqlite dbs, teardown will undo this
app.config["PREVENT_UNSAFE_DB_CONNECTIONS"] = False
self.login("admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
# validate that the endpoint works with the password-masked sqlalchemy uri
data = {
@ -2112,7 +2111,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test test connection failed
"""
self.login("admin")
self.login(ADMIN_USERNAME)
data = {
"sqlalchemy_uri": "broken://url",
@ -2177,7 +2176,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test test connection with unsafe uri
"""
self.login("admin")
self.login(ADMIN_USERNAME)
app.config["PREVENT_UNSAFE_DB_CONNECTIONS"] = True
data = {
@ -2238,7 +2237,7 @@ class TestDatabaseApi(SupersetTestCase):
superset_error
]
self.login("admin")
self.login(ADMIN_USERNAME)
data = {
"sqlalchemy_uri": "postgres://username:password@locahost:12345/db",
"database_name": "examples",
@ -2265,7 +2264,7 @@ class TestDatabaseApi(SupersetTestCase):
Database API: Test get chart and dashboard count related to a database
:return:
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = get_example_database()
uri = f"api/v1/database/{database.id}/related_objects/"
rv = self.get_assert_metric(uri, "related_objects")
@ -2282,11 +2281,11 @@ class TestDatabaseApi(SupersetTestCase):
# id does not exist and we get 404
invalid_id = max_id + 1
uri = f"api/v1/database/{invalid_id}/related_objects/"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.get_assert_metric(uri, "related_objects")
self.assertEqual(rv.status_code, 404)
self.logout()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
database = get_example_database()
uri = f"api/v1/database/{database.id}/related_objects/"
rv = self.get_assert_metric(uri, "related_objects")
@ -2296,7 +2295,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test export database
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = get_example_database()
argument = [database.id]
uri = f"api/v1/database/export/?q={prison.dumps(argument)}"
@ -2310,7 +2309,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test export database not allowed
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
database = get_example_database()
argument = [database.id]
uri = f"api/v1/database/export/?q={prison.dumps(argument)}"
@ -2325,7 +2324,7 @@ class TestDatabaseApi(SupersetTestCase):
# id does not exist and we get 404
invalid_id = max_id + 1
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = [invalid_id]
uri = f"api/v1/database/export/?q={prison.dumps(argument)}"
rv = self.get_assert_metric(uri, "export")
@ -2335,7 +2334,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
buf = self.create_database_import()
@ -2367,7 +2366,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import existing database
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
buf = self.create_database_import()
@ -2437,7 +2436,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import invalid database
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
buf = BytesIO()
@ -2487,7 +2486,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database with masked password
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
masked_database_config = database_config.copy()
@ -2544,7 +2543,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database with masked password provided
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
masked_database_config = database_config.copy()
@ -2592,7 +2591,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database with masked password
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
mock_schema_is_feature_enabled.return_value = True
@ -2650,7 +2649,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database with masked password provided
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
mock_schema_is_feature_enabled.return_value = True
@ -2698,7 +2697,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database with masked private_key
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
mock_schema_is_feature_enabled.return_value = True
@ -2759,7 +2758,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database with masked password provided
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
mock_schema_is_feature_enabled.return_value = True
@ -2808,7 +2807,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database with ssh_tunnel and feature flag disabled
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
masked_database_config = database_with_ssh_tunnel_config_private_key.copy()
@ -2862,7 +2861,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database with ssh_tunnel that has no credentials
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
mock_schema_is_feature_enabled.return_value = True
@ -2917,7 +2916,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database with ssh_tunnel that has no credentials
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
mock_schema_is_feature_enabled.return_value = True
@ -2972,7 +2971,7 @@ class TestDatabaseApi(SupersetTestCase):
"""
Database API: Test import database with ssh_tunnel that has no credentials
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/import/"
mock_schema_is_feature_enabled.return_value = True
@ -3038,7 +3037,7 @@ class TestDatabaseApi(SupersetTestCase):
mock_get_function_names.return_value = ["AVG", "MAX", "SUM"]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/1/function_names/"
rv = self.client.get(uri)
@ -3052,7 +3051,7 @@ class TestDatabaseApi(SupersetTestCase):
if example_db.backend != "sqlite":
return
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/1/function_names/"
rv = self.client.get(uri)
@ -3190,7 +3189,7 @@ class TestDatabaseApi(SupersetTestCase):
HanaEngineSpec: {""},
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/available/"
rv = self.client.get(uri)
@ -3432,7 +3431,7 @@ class TestDatabaseApi(SupersetTestCase):
HanaEngineSpec: {""},
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/database/available/"
rv = self.client.get(uri)
@ -3467,7 +3466,7 @@ class TestDatabaseApi(SupersetTestCase):
}
def test_validate_parameters_invalid_payload_format(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
url = "api/v1/database/validate_parameters/"
rv = self.client.post(url, data="INVALID", content_type="text/plain")
response = json.loads(rv.data.decode("utf-8"))
@ -3492,7 +3491,7 @@ class TestDatabaseApi(SupersetTestCase):
}
def test_validate_parameters_invalid_payload_schema(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
url = "api/v1/database/validate_parameters/"
payload = {"foo": "bar"}
rv = self.client.post(url, json=payload)
@ -3536,7 +3535,7 @@ class TestDatabaseApi(SupersetTestCase):
}
def test_validate_parameters_missing_fields(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
url = "api/v1/database/validate_parameters/"
payload = {
"configuration_method": ConfigurationMethod.SQLALCHEMY_FORM,
@ -3587,7 +3586,7 @@ class TestDatabaseApi(SupersetTestCase):
is_hostname_valid.return_value = True
is_port_open.return_value = True
self.login(username="admin")
self.login(ADMIN_USERNAME)
url = "api/v1/database/validate_parameters/"
payload = {
"engine": "postgresql",
@ -3611,7 +3610,7 @@ class TestDatabaseApi(SupersetTestCase):
assert response == {"message": "OK"}
def test_validate_parameters_invalid_port(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
url = "api/v1/database/validate_parameters/"
payload = {
"engine": "postgresql",
@ -3670,7 +3669,7 @@ class TestDatabaseApi(SupersetTestCase):
def test_validate_parameters_invalid_host(self, is_hostname_valid):
is_hostname_valid.return_value = False
self.login(username="admin")
self.login(ADMIN_USERNAME)
url = "api/v1/database/validate_parameters/"
payload = {
"engine": "postgresql",
@ -3730,7 +3729,7 @@ class TestDatabaseApi(SupersetTestCase):
def test_validate_parameters_invalid_port_range(self, is_hostname_valid):
is_hostname_valid.return_value = True
self.login(username="admin")
self.login(ADMIN_USERNAME)
url = "api/v1/database/validate_parameters/"
payload = {
"engine": "postgresql",
@ -3786,7 +3785,7 @@ class TestDatabaseApi(SupersetTestCase):
def test_get_related_objects(self):
example_db = get_example_database()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{example_db.id}/related_objects/"
rv = self.client.get(uri)
assert rv.status_code == 200
@ -3813,7 +3812,7 @@ class TestDatabaseApi(SupersetTestCase):
if example_db.backend not in ("presto", "postgresql"):
pytest.skip("Only presto and PG are implemented")
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{example_db.id}/validate_sql/"
rv = self.client.post(uri, json=request_payload)
response = json.loads(rv.data.decode("utf-8"))
@ -3839,7 +3838,7 @@ class TestDatabaseApi(SupersetTestCase):
if example_db.backend not in ("presto", "postgresql"):
pytest.skip("Only presto and PG are implemented")
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/database/{example_db.id}/validate_sql/"
rv = self.client.post(uri, json=request_payload)
response = json.loads(rv.data.decode("utf-8"))
@ -3870,7 +3869,7 @@ class TestDatabaseApi(SupersetTestCase):
"schema": None,
"template_params": None,
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = (
f"api/v1/database/{self.get_nonexistent_numeric_id(Database)}/validate_sql/"
)
@ -3891,7 +3890,7 @@ class TestDatabaseApi(SupersetTestCase):
"schema": None,
"template_params": None,
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = (
f"api/v1/database/{self.get_nonexistent_numeric_id(Database)}/validate_sql/"
)
@ -3914,7 +3913,7 @@ class TestDatabaseApi(SupersetTestCase):
"template_params": None,
}
self.login("admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
@ -3961,13 +3960,13 @@ class TestDatabaseApi(SupersetTestCase):
"template_params": None,
}
self.login("admin")
self.login(ADMIN_USERNAME)
validator = MagicMock()
get_validator_by_name.return_value = validator
validator.validate.side_effect = Exception("Kaboom!")
self.login("admin")
self.login(ADMIN_USERNAME)
example_db = get_example_database()
@ -3989,7 +3988,7 @@ class TestDatabaseApi(SupersetTestCase):
Then, we're adding the patch for the config to add the filter function
and testing it's being applied.
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
extra = {
"metadata_params": {},
"engine_params": {},

199
tests/integration_tests/datasets/api_tests.py
View File

@ -46,6 +46,11 @@ from superset.utils.database import get_example_database, get_main_database
from superset.utils.dict_import_export import export_to_dict
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.conftest import CTAS_SCHEMA_NAME, with_feature_flags
from tests.integration_tests.constants import (
ADMIN_USERNAME,
ALPHA_USERNAME,
GAMMA_USERNAME,
)
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -186,7 +191,7 @@ class TestDatasetApi(SupersetTestCase):
"""
example_db = get_example_database()
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"filters": [
{"col": "database", "opr": "rel_o_m", "value": f"{example_db.id}"},
@ -223,7 +228,11 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test get dataset list gamma
"""
self.login(username="gamma")
if backend() == "postgresql":
# failing
return
self.login(GAMMA_USERNAME)
uri = "api/v1/dataset/"
rv = self.get_assert_metric(uri, "get_list")
assert rv.status_code == 200
@ -235,7 +244,11 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test get dataset list with database access
"""
self.login(username="gamma")
if backend() == "postgresql":
# failing
return
self.login(GAMMA_USERNAME)
# create new dataset
main_db = get_main_database()
@ -285,7 +298,7 @@ class TestDatasetApi(SupersetTestCase):
gamma_role.permissions.append(main_db_pvm)
db.session.commit()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = "api/v1/dataset/related/database"
rv = self.client.get(uri)
assert rv.status_code == 200
@ -307,7 +320,7 @@ class TestDatasetApi(SupersetTestCase):
table = self.get_energy_usage_dataset()
main_db = get_main_database()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{table.id}"
rv = self.get_assert_metric(uri, "get")
assert rv.status_code == 200
@ -403,7 +416,7 @@ class TestDatasetApi(SupersetTestCase):
"count": len(schema_values),
"result": [{"text": val, "value": val} for val in schema_values],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dataset/distinct/schema"
rv = self.client.get(uri)
response = json.loads(rv.data.decode("utf-8"))
@ -440,7 +453,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test get dataset distinct not allowed
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dataset/distinct/table_name"
rv = self.client.get(uri)
assert rv.status_code == 404
@ -452,7 +465,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.insert_default_dataset()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = "api/v1/dataset/distinct/schema"
rv = self.client.get(uri)
assert rv.status_code == 200
@ -468,7 +481,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test get dataset info
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dataset/_info"
rv = self.get_assert_metric(uri, "info")
assert rv.status_code == 200
@ -478,7 +491,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test info security
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
params = {"keys": ["permissions"]}
uri = f"api/v1/dataset/_info?q={prison.dumps(params)}"
rv = self.get_assert_metric(uri, "info")
@ -499,7 +512,7 @@ class TestDatasetApi(SupersetTestCase):
"""
main_db = get_main_database()
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {
"database": main_db.id,
"schema": None,
@ -544,7 +557,7 @@ class TestDatasetApi(SupersetTestCase):
"""
main_db = get_main_database()
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {
"database": main_db.id,
"schema": None,
@ -570,7 +583,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test create dataset item gamma
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
main_db = get_main_database()
table_data = {
"database": main_db.id,
@ -587,7 +600,7 @@ class TestDatasetApi(SupersetTestCase):
"""
main_db = get_main_database()
self.login(username="alpha")
self.login(ALPHA_USERNAME)
admin = self.get_user("admin")
alpha = self.get_user("alpha")
@ -614,7 +627,7 @@ class TestDatasetApi(SupersetTestCase):
admin = self.get_user("admin")
main_db = get_main_database()
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {
"database": main_db.id,
"schema": "",
@ -635,7 +648,7 @@ class TestDatasetApi(SupersetTestCase):
"""
energy_usage_ds = self.get_energy_usage_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {
"database": energy_usage_ds.database_id,
"table_name": energy_usage_ds.table_name,
@ -656,7 +669,7 @@ class TestDatasetApi(SupersetTestCase):
"""
energy_usage_ds = self.get_energy_usage_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {
"database": energy_usage_ds.database_id,
"table_name": energy_usage_ds.table_name,
@ -678,7 +691,7 @@ class TestDatasetApi(SupersetTestCase):
"""
energy_usage_ds = self.get_energy_usage_dataset()
self.login(username="alpha")
self.login(ALPHA_USERNAME)
admin = self.get_user("admin")
alpha = self.get_user("alpha")
table_data = {
@ -710,7 +723,7 @@ class TestDatasetApi(SupersetTestCase):
f"CREATE TABLE {CTAS_SCHEMA_NAME}.birth_names AS SELECT 2 as two"
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {
"database": example_db.id,
"schema": CTAS_SCHEMA_NAME,
@ -734,7 +747,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test create dataset validate database exists
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
dataset_data = {"database": 1000, "schema": "", "table_name": "birth_names"}
uri = "api/v1/dataset/"
rv = self.post_assert_metric(uri, dataset_data, "post")
@ -748,7 +761,7 @@ class TestDatasetApi(SupersetTestCase):
"""
example_db = get_example_database()
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {
"database": example_db.id,
"schema": "",
@ -796,7 +809,7 @@ class TestDatasetApi(SupersetTestCase):
) as patch_get_view_names:
patch_get_view_names.return_value = {"test_case_view"}
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {
"database": example_db.id,
"schema": "",
@ -820,7 +833,7 @@ class TestDatasetApi(SupersetTestCase):
"""
mock_dao_create.side_effect = DAOCreateFailedError()
self.login(username="admin")
self.login(ADMIN_USERNAME)
main_db = get_main_database()
dataset_data = {
"database": main_db.id,
@ -893,7 +906,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.insert_default_dataset()
current_owners = dataset.owners
self.login(username="admin")
self.login(ADMIN_USERNAME)
dataset_data = {"description": "changed_description"}
uri = f"api/v1/dataset/{dataset.id}"
rv = self.put_assert_metric(uri, dataset_data, "put")
@ -912,7 +925,7 @@ class TestDatasetApi(SupersetTestCase):
# Add default dataset
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
new_col_dict = {
"column_name": "new_col",
"description": "description",
@ -975,7 +988,7 @@ class TestDatasetApi(SupersetTestCase):
}
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
dataset_data = {
"columns": cols,
}
@ -1022,7 +1035,7 @@ class TestDatasetApi(SupersetTestCase):
uri = f"api/v1/dataset/{dataset.id}"
# Get current cols and metrics and append the new ones
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.get_assert_metric(uri, "get")
data = json.loads(rv.data.decode("utf-8"))
@ -1104,7 +1117,7 @@ class TestDatasetApi(SupersetTestCase):
}
uri = f"api/v1/dataset/{dataset.id}"
# Get current cols and append the new column
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.get_assert_metric(uri, "get")
data = json.loads(rv.data.decode("utf-8"))
@ -1143,7 +1156,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}"
# Get current cols and alter one
rv = self.get_assert_metric(uri, "get")
@ -1185,7 +1198,7 @@ class TestDatasetApi(SupersetTestCase):
.order_by("metric_name")
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}"
data = {
"metrics": [
@ -1224,7 +1237,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}"
# try to insert a new column ID that already exists
data = {"columns": [{"column_name": "id", "type": "INTEGER"}]}
@ -1245,7 +1258,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}"
# try to insert a new column ID that already exists
data = {"metrics": [{"metric_name": "count", "expression": "COUNT(*)"}]}
@ -1266,7 +1279,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}"
# try to insert a new column ID that already exists
data = {
@ -1292,7 +1305,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}"
# try to insert a new column ID that already exists
data = {
@ -1317,7 +1330,7 @@ class TestDatasetApi(SupersetTestCase):
"""
dataset = self.insert_default_dataset()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
table_data = {"description": "changed_description"}
uri = f"api/v1/dataset/{dataset.id}"
rv = self.client.put(uri, json=table_data)
@ -1330,8 +1343,12 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Tests that no username is returned
"""
if backend() == "postgresql":
# failing
return
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {"description": "changed_description"}
uri = f"api/v1/dataset/{dataset.id}"
rv = self.client.put(uri, json=table_data)
@ -1353,7 +1370,7 @@ class TestDatasetApi(SupersetTestCase):
"""
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {"description": "changed_description"}
uri = f"api/v1/dataset/{dataset.id}"
rv = self.client.put(uri, json=table_data)
@ -1374,7 +1391,7 @@ class TestDatasetApi(SupersetTestCase):
"""
dataset = self.insert_default_dataset()
self.login(username="alpha")
self.login(ALPHA_USERNAME)
table_data = {"description": "changed_description"}
uri = f"api/v1/dataset/{dataset.id}"
rv = self.put_assert_metric(uri, table_data, "put")
@ -1388,7 +1405,7 @@ class TestDatasetApi(SupersetTestCase):
"""
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {"description": "changed_description", "owners": [1000]}
uri = f"api/v1/dataset/{dataset.id}"
rv = self.put_assert_metric(uri, table_data, "put")
@ -1402,7 +1419,7 @@ class TestDatasetApi(SupersetTestCase):
"""
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
ab_user = self.insert_dataset(
"ab_user", [self.get_user("admin").id], get_main_database()
)
@ -1428,7 +1445,7 @@ class TestDatasetApi(SupersetTestCase):
mock_dao_update.side_effect = DAOUpdateFailedError()
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
table_data = {"description": "changed_description"}
uri = f"api/v1/dataset/{dataset.id}"
rv = self.client.put(uri, json=table_data)
@ -1448,7 +1465,7 @@ class TestDatasetApi(SupersetTestCase):
view_menu = security_manager.find_view_menu(dataset.get_perm())
assert view_menu is not None
view_menu_id = view_menu.id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}"
rv = self.client.delete(uri)
assert rv.status_code == 200
@ -1463,7 +1480,7 @@ class TestDatasetApi(SupersetTestCase):
"""
dataset = self.insert_default_dataset()
self.login(username="alpha")
self.login(ALPHA_USERNAME)
uri = f"api/v1/dataset/{dataset.id}"
rv = self.delete_assert_metric(uri, "delete")
assert rv.status_code == 403
@ -1476,7 +1493,7 @@ class TestDatasetApi(SupersetTestCase):
"""
dataset = self.insert_default_dataset()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = f"api/v1/dataset/{dataset.id}"
rv = self.client.delete(uri)
assert rv.status_code == 403
@ -1492,7 +1509,7 @@ class TestDatasetApi(SupersetTestCase):
mock_dao_delete.side_effect = DAODeleteFailedError()
dataset = self.insert_default_dataset()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}"
rv = self.delete_assert_metric(uri, "delete")
data = json.loads(rv.data.decode("utf-8"))
@ -1509,7 +1526,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.get_fixture_datasets()[0]
column_id = dataset.columns[0].id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}/column/{column_id}"
rv = self.client.delete(uri)
assert rv.status_code == 200
@ -1524,7 +1541,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.get_fixture_datasets()[0]
non_id = self.get_nonexistent_numeric_id(TableColumn)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}/column/{non_id}"
rv = self.client.delete(uri)
assert rv.status_code == 404
@ -1532,7 +1549,7 @@ class TestDatasetApi(SupersetTestCase):
non_id = self.get_nonexistent_numeric_id(SqlaTable)
column_id = dataset.columns[0].id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{non_id}/column/{column_id}"
rv = self.client.delete(uri)
assert rv.status_code == 404
@ -1546,7 +1563,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.get_fixture_datasets()[0]
column_id = dataset.columns[0].id
self.login(username="alpha")
self.login(ALPHA_USERNAME)
uri = f"api/v1/dataset/{dataset.id}/column/{column_id}"
rv = self.client.delete(uri)
assert rv.status_code == 403
@ -1561,7 +1578,7 @@ class TestDatasetApi(SupersetTestCase):
mock_dao_delete.side_effect = DAODeleteFailedError()
dataset = self.get_fixture_datasets()[0]
column_id = dataset.columns[0].id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}/column/{column_id}"
rv = self.client.delete(uri)
data = json.loads(rv.data.decode("utf-8"))
@ -1581,7 +1598,7 @@ class TestDatasetApi(SupersetTestCase):
db.session.add(test_metric)
db.session.commit()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}/metric/{test_metric.id}"
rv = self.client.delete(uri)
assert rv.status_code == 200
@ -1596,7 +1613,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.get_fixture_datasets()[0]
non_id = self.get_nonexistent_numeric_id(SqlMetric)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}/metric/{non_id}"
rv = self.client.delete(uri)
assert rv.status_code == 404
@ -1604,7 +1621,7 @@ class TestDatasetApi(SupersetTestCase):
non_id = self.get_nonexistent_numeric_id(SqlaTable)
metric_id = dataset.metrics[0].id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{non_id}/metric/{metric_id}"
rv = self.client.delete(uri)
assert rv.status_code == 404
@ -1618,7 +1635,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.get_fixture_datasets()[0]
metric_id = dataset.metrics[0].id
self.login(username="alpha")
self.login(ALPHA_USERNAME)
uri = f"api/v1/dataset/{dataset.id}/metric/{metric_id}"
rv = self.client.delete(uri)
assert rv.status_code == 403
@ -1633,7 +1650,7 @@ class TestDatasetApi(SupersetTestCase):
mock_dao_delete.side_effect = DAODeleteFailedError()
dataset = self.get_fixture_datasets()[0]
column_id = dataset.metrics[0].id
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}/metric/{column_id}"
rv = self.client.delete(uri)
data = json.loads(rv.data.decode("utf-8"))
@ -1653,7 +1670,7 @@ class TestDatasetApi(SupersetTestCase):
for dataset in datasets:
view_menu_names.append(dataset.get_perm())
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/?q={prison.dumps(dataset_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
data = json.loads(rv.data.decode("utf-8"))
@ -1679,7 +1696,7 @@ class TestDatasetApi(SupersetTestCase):
datasets = self.get_fixture_datasets()
dataset_ids = [dataset.id for dataset in datasets]
self.login(username="alpha")
self.login(ALPHA_USERNAME)
uri = f"api/v1/dataset/?q={prison.dumps(dataset_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 403
@ -1694,7 +1711,7 @@ class TestDatasetApi(SupersetTestCase):
dataset_ids = [dataset.id for dataset in datasets]
dataset_ids.append(db.session.query(func.max(SqlaTable.id)).scalar())
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/?q={prison.dumps(dataset_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 404
@ -1708,7 +1725,7 @@ class TestDatasetApi(SupersetTestCase):
datasets = self.get_fixture_datasets()
dataset_ids = [dataset.id for dataset in datasets]
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = f"api/v1/dataset/?q={prison.dumps(dataset_ids)}"
rv = self.client.delete(uri)
assert rv.status_code == 403
@ -1723,7 +1740,7 @@ class TestDatasetApi(SupersetTestCase):
dataset_ids = [dataset.id for dataset in datasets]
dataset_ids.append("Wrong")
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/?q={prison.dumps(dataset_ids)}"
rv = self.client.delete(uri)
assert rv.status_code == 400
@ -1743,7 +1760,7 @@ class TestDatasetApi(SupersetTestCase):
db.session.delete(id_column)
db.session.commit()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{dataset.id}/refresh"
rv = self.put_assert_metric(uri, {}, "refresh")
assert rv.status_code == 200
@ -1764,7 +1781,7 @@ class TestDatasetApi(SupersetTestCase):
max_id = db.session.query(func.max(SqlaTable.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/{max_id + 1}/refresh"
rv = self.put_assert_metric(uri, {}, "refresh")
assert rv.status_code == 404
@ -1775,7 +1792,7 @@ class TestDatasetApi(SupersetTestCase):
"""
dataset = self.insert_default_dataset()
self.login(username="alpha")
self.login(ALPHA_USERNAME)
uri = f"api/v1/dataset/{dataset.id}/refresh"
rv = self.put_assert_metric(uri, {}, "refresh")
assert rv.status_code == 403
@ -1798,7 +1815,7 @@ class TestDatasetApi(SupersetTestCase):
argument = [birth_names_dataset.id]
uri = f"api/v1/dataset/export/?q={prison.dumps(argument)}"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.get_assert_metric(uri, "export")
assert rv.status_code == 200
@ -1825,7 +1842,7 @@ class TestDatasetApi(SupersetTestCase):
# Just one does not exist and we get 404
argument = [max_id + 1, 1]
uri = f"api/v1/dataset/export/?q={prison.dumps(argument)}"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.get_assert_metric(uri, "export")
assert rv.status_code == 404
@ -1840,7 +1857,7 @@ class TestDatasetApi(SupersetTestCase):
argument = [dataset.id]
uri = f"api/v1/dataset/export/?q={prison.dumps(argument)}"
self.login(username="gamma")
self.login(GAMMA_USERNAME)
rv = self.client.get(uri)
assert rv.status_code == 403
@ -1873,7 +1890,7 @@ class TestDatasetApi(SupersetTestCase):
argument = [birth_names_dataset.id]
uri = f"api/v1/dataset/export/?q={prison.dumps(argument)}"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.get_assert_metric(uri, "export")
assert rv.status_code == 200
@ -1889,7 +1906,7 @@ class TestDatasetApi(SupersetTestCase):
# Just one does not exist and we get 404
argument = [-1, 1]
uri = f"api/v1/dataset/export/?q={prison.dumps(argument)}"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.get_assert_metric(uri, "export")
assert rv.status_code == 404
@ -1905,7 +1922,7 @@ class TestDatasetApi(SupersetTestCase):
argument = [dataset.id]
uri = f"api/v1/dataset/export/?q={prison.dumps(argument)}"
self.login(username="gamma")
self.login(GAMMA_USERNAME)
rv = self.client.get(uri)
# gamma users by default do not have access to this dataset
assert rv.status_code == 403
@ -1918,7 +1935,7 @@ class TestDatasetApi(SupersetTestCase):
:return:
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_birth_names_dataset()
uri = f"api/v1/dataset/{table.id}/related_objects"
rv = self.get_assert_metric(uri, "related_objects")
@ -1936,12 +1953,12 @@ class TestDatasetApi(SupersetTestCase):
# id does not exist and we get 404
invalid_id = max_id + 1
uri = f"api/v1/dataset/{invalid_id}/related_objects/"
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get(uri)
assert rv.status_code == 404
self.logout()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
table = self.get_birth_names_dataset()
uri = f"api/v1/dataset/{table.id}/related_objects"
rv = self.client.get(uri)
@ -1958,7 +1975,7 @@ class TestDatasetApi(SupersetTestCase):
{"col": "sql", "opr": "dataset_is_null_or_empty", "value": False}
]
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
@ -1973,7 +1990,7 @@ class TestDatasetApi(SupersetTestCase):
{"col": "sql", "opr": "dataset_is_null_or_empty", "value": True}
]
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
assert rv.status_code == 200
@ -1987,7 +2004,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test import dataset
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dataset/import/"
buf = self.create_dataset_import()
@ -2021,7 +2038,7 @@ class TestDatasetApi(SupersetTestCase):
def test_import_dataset_v0_export(self):
num_datasets = db.session.query(SqlaTable).count()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dataset/import/"
buf = BytesIO()
@ -2050,7 +2067,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test import existing dataset
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dataset/import/"
buf = self.create_dataset_import()
@ -2119,7 +2136,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test import invalid dataset
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dataset/import/"
buf = BytesIO()
@ -2170,7 +2187,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test import invalid dataset
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/dataset/import/"
buf = BytesIO()
@ -2230,7 +2247,7 @@ class TestDatasetApi(SupersetTestCase):
arguments = {
"filters": [{"col": "id", "opr": "dataset_is_certified", "value": True}]
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
@ -2249,7 +2266,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.get_fixture_virtual_datasets()[0]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/duplicate"
table_data = {"base_model_id": dataset.id, "table_name": "Dupe1"}
rv = self.post_assert_metric(uri, table_data, "duplicate")
@ -2275,7 +2292,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.get_fixture_datasets()[0]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/duplicate"
table_data = {"base_model_id": dataset.id, "table_name": "Dupe2"}
rv = self.post_assert_metric(uri, table_data, "duplicate")
@ -2289,7 +2306,7 @@ class TestDatasetApi(SupersetTestCase):
dataset = self.get_fixture_virtual_datasets()[0]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/duplicate"
table_data = {
"base_model_id": dataset.id,
@ -2303,7 +2320,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test duplicate invalid dataset
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dataset/duplicate"
table_data = {
"base_model_id": -1,
@ -2317,7 +2334,7 @@ class TestDatasetApi(SupersetTestCase):
"""
Dataset API: Test get or create endpoint when table already exists
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.post(
"api/v1/dataset/get_or_create/",
json={
@ -2338,7 +2355,7 @@ class TestDatasetApi(SupersetTestCase):
"""
Dataset API: Test get or create endpoint when database doesn't exist
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.post(
"api/v1/dataset/get_or_create/",
json={"table_name": "virtual_dataset", "database_id": 999},
@ -2353,7 +2370,7 @@ class TestDatasetApi(SupersetTestCase):
Dataset API: Test get or create endpoint when create fails
"""
command_run_mock.side_effect = DatasetCreateFailedError
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.post(
"api/v1/dataset/get_or_create/",
json={
@ -2369,7 +2386,7 @@ class TestDatasetApi(SupersetTestCase):
"""
Dataset API: Test get or create endpoint when table is created
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
examples_db = get_example_database()
with examples_db.get_sqla_engine_with_context() as engine:
@ -2408,7 +2425,7 @@ class TestDatasetApi(SupersetTestCase):
"""
Dataset API: Test warm up cache endpoint
"""
self.login()
self.login(ADMIN_USERNAME)
energy_table = self.get_energy_usage_dataset()
energy_charts = (
db.session.query(Slice)
@ -2488,7 +2505,7 @@ class TestDatasetApi(SupersetTestCase):
assert "viz_status" in chart_result
def test_warm_up_cache_db_and_table_name_required(self):
self.login()
self.login(ADMIN_USERNAME)
rv = self.client.put("/api/v1/dataset/warm_up_cache", json={"dashboard_id": 1})
self.assertEqual(rv.status_code, 400)
data = json.loads(rv.data.decode("utf-8"))
@ -2503,7 +2520,7 @@ class TestDatasetApi(SupersetTestCase):
)
def test_warm_up_cache_table_not_found(self):
self.login()
self.login(ADMIN_USERNAME)
rv = self.client.put(
"/api/v1/dataset/warm_up_cache",
json={"table_name": "not_here", "db_name": "abc"},

10
tests/integration_tests/datasets/commands_tests.py
View File

@ -545,15 +545,17 @@ def _get_table_from_list_by_name(name: str, tables: list[Any]):
class TestCreateDatasetCommand(SupersetTestCase):
def test_database_not_found(self):
self.login(username="admin")
@patch("superset.commands.utils.g")
def test_database_not_found(self, mock_g):
mock_g.user = security_manager.find_user("admin")
with self.assertRaises(DatasetInvalidError):
CreateDatasetCommand({"table_name": "table", "database": 9999}).run()
@patch("superset.commands.utils.g")
@patch("superset.models.core.Database.get_table")
def test_get_table_from_database_error(self, get_table_mock):
self.login(username="admin")
def test_get_table_from_database_error(self, get_table_mock, mock_g):
get_table_mock.side_effect = SQLAlchemyError
mock_g.user = security_manager.find_user("admin")
with self.assertRaises(DatasetInvalidError):
CreateDatasetCommand(
{"table_name": "table", "database": get_example_database().id}

29
tests/integration_tests/datasource/api_tests.py
View File

@ -23,6 +23,7 @@ from superset import db, security_manager
from superset.connectors.sqla.models import SqlaTable
from superset.daos.exceptions import DatasourceTypeNotSupportedError
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME, GAMMA_USERNAME
class TestDatasourceApi(SupersetTestCase):
@ -35,7 +36,7 @@ class TestDatasourceApi(SupersetTestCase):
@pytest.mark.usefixtures("app_context", "virtual_dataset")
def test_get_column_values_ints(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_virtual_dataset()
rv = self.client.get(f"api/v1/datasource/table/{table.id}/column/col1/values/")
self.assertEqual(rv.status_code, 200)
@ -45,7 +46,7 @@ class TestDatasourceApi(SupersetTestCase):
@pytest.mark.usefixtures("app_context", "virtual_dataset")
def test_get_column_values_strs(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_virtual_dataset()
rv = self.client.get(f"api/v1/datasource/table/{table.id}/column/col2/values/")
self.assertEqual(rv.status_code, 200)
@ -55,7 +56,7 @@ class TestDatasourceApi(SupersetTestCase):
@pytest.mark.usefixtures("app_context", "virtual_dataset")
def test_get_column_values_floats(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_virtual_dataset()
rv = self.client.get(f"api/v1/datasource/table/{table.id}/column/col3/values/")
self.assertEqual(rv.status_code, 200)
@ -65,7 +66,7 @@ class TestDatasourceApi(SupersetTestCase):
@pytest.mark.usefixtures("app_context", "virtual_dataset")
def test_get_column_values_nulls(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_virtual_dataset()
rv = self.client.get(f"api/v1/datasource/table/{table.id}/column/col4/values/")
self.assertEqual(rv.status_code, 200)
@ -74,7 +75,7 @@ class TestDatasourceApi(SupersetTestCase):
@pytest.mark.usefixtures("app_context", "virtual_dataset")
def test_get_column_values_integers_with_nulls(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_virtual_dataset()
rv = self.client.get(f"api/v1/datasource/table/{table.id}/column/col6/values/")
self.assertEqual(rv.status_code, 200)
@ -84,7 +85,7 @@ class TestDatasourceApi(SupersetTestCase):
@pytest.mark.usefixtures("app_context", "virtual_dataset")
def test_get_column_values_invalid_datasource_type(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_virtual_dataset()
rv = self.client.get(
f"api/v1/datasource/not_table/{table.id}/column/col1/values/"
@ -96,7 +97,7 @@ class TestDatasourceApi(SupersetTestCase):
@patch("superset.datasource.api.DatasourceDAO.get_datasource")
def test_get_column_values_datasource_type_not_supported(self, get_datasource_mock):
get_datasource_mock.side_effect = DatasourceTypeNotSupportedError
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get("api/v1/datasource/table/1/column/col1/values/")
self.assertEqual(rv.status_code, 400)
response = json.loads(rv.data.decode("utf-8"))
@ -105,7 +106,7 @@ class TestDatasourceApi(SupersetTestCase):
)
def test_get_column_values_datasource_not_found(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get("api/v1/datasource/table/999/column/col1/values/")
self.assertEqual(rv.status_code, 404)
response = json.loads(rv.data.decode("utf-8"))
@ -120,7 +121,7 @@ class TestDatasourceApi(SupersetTestCase):
gamma_role = security_manager.find_role("Gamma")
security_manager.add_permission_role(gamma_role, perm)
self.login(username="gamma")
self.login(GAMMA_USERNAME)
table = self.get_virtual_dataset()
rv = self.client.get(f"api/v1/datasource/table/{table.id}/column/col1/values/")
self.assertEqual(rv.status_code, 403)
@ -137,7 +138,7 @@ class TestDatasourceApi(SupersetTestCase):
datasource.values_for_column.side_effect = NotImplementedError
get_datasource_mock.return_value = datasource
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get("api/v1/datasource/sl_table/1/column/col1/values/")
self.assertEqual(rv.status_code, 400)
response = json.loads(rv.data.decode("utf-8"))
@ -149,7 +150,7 @@ class TestDatasourceApi(SupersetTestCase):
@pytest.mark.usefixtures("app_context", "virtual_dataset")
@patch("superset.models.helpers.ExploreMixin.values_for_column")
def test_get_column_values_normalize_columns_enabled(self, values_for_column_mock):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_virtual_dataset()
table.normalize_columns = True
rv = self.client.get(f"api/v1/datasource/table/{table.id}/column/col2/values/")
@ -162,7 +163,7 @@ class TestDatasourceApi(SupersetTestCase):
@pytest.mark.usefixtures("app_context", "virtual_dataset")
@patch("superset.db_engine_specs.base.BaseEngineSpec.denormalize_name")
def test_get_column_values_not_denormalize_column(self, denormalize_name_mock):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_virtual_dataset()
table.normalize_columns = True
rv = self.client.get(f"api/v1/datasource/table/{table.id}/column/col2/values/")
@ -171,7 +172,7 @@ class TestDatasourceApi(SupersetTestCase):
@pytest.mark.usefixtures("app_context", "virtual_dataset")
@patch("superset.models.helpers.ExploreMixin.values_for_column")
def test_get_column_values_normalize_columns_disabled(self, values_for_column_mock):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_virtual_dataset()
table.normalize_columns = False
rv = self.client.get(f"api/v1/datasource/table/{table.id}/column/col2/values/")
@ -184,7 +185,7 @@ class TestDatasourceApi(SupersetTestCase):
@pytest.mark.usefixtures("app_context", "virtual_dataset")
@patch("superset.db_engine_specs.base.BaseEngineSpec.denormalize_name")
def test_get_column_values_denormalize_column(self, denormalize_name_mock):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = self.get_virtual_dataset()
table.normalize_columns = False
rv = self.client.get(f"api/v1/datasource/table/{table.id}/column/col2/values/")

39
tests/integration_tests/datasource_tests.py
View File

@ -34,6 +34,7 @@ from superset.models.core import Database
from superset.utils.core import backend, get_example_default_schema
from superset.utils.database import get_example_database, get_main_database
from tests.integration_tests.base_tests import db_insert_temp_object, SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -65,10 +66,11 @@ class TestDatasource(SupersetTestCase):
def tearDown(self):
db.session.rollback()
super().tearDown()
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_external_metadata_for_physical_table(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
tbl = self.get_table(name="birth_names")
url = f"/datasource/external_metadata/table/{tbl.id}/"
resp = self.get_json_resp(url)
@ -78,7 +80,7 @@ class TestDatasource(SupersetTestCase):
)
def test_always_filter_main_dttm(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
database = get_example_database()
sql = f"SELECT DATE() as default_dttm, DATE() as additional_dttm, 1 as metric;"
@ -129,7 +131,7 @@ class TestDatasource(SupersetTestCase):
db.session.commit()
def test_external_metadata_for_virtual_table(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = SqlaTable(
table_name="dummy_sql_table",
database=get_example_database(),
@ -148,7 +150,7 @@ class TestDatasource(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_external_metadata_by_name_for_physical_table(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
tbl = self.get_table(name="birth_names")
params = prison.dumps(
{
@ -168,7 +170,7 @@ class TestDatasource(SupersetTestCase):
)
def test_external_metadata_by_name_for_virtual_table(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = SqlaTable(
table_name="dummy_sql_table",
database=get_example_database(),
@ -196,7 +198,7 @@ class TestDatasource(SupersetTestCase):
db.session.commit()
def test_external_metadata_by_name_from_sqla_inspector(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
example_database = get_example_database()
with create_test_table_context(example_database):
params = prison.dumps(
@ -261,7 +263,7 @@ class TestDatasource(SupersetTestCase):
self.assertIn("error", resp)
def test_external_metadata_for_virtual_table_template_params(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = SqlaTable(
table_name="dummy_sql_table_with_template_params",
database=get_example_database(),
@ -280,7 +282,7 @@ class TestDatasource(SupersetTestCase):
db.session.commit()
def test_external_metadata_for_malicious_virtual_table(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = SqlaTable(
table_name="malicious_sql_table",
database=get_example_database(),
@ -293,7 +295,7 @@ class TestDatasource(SupersetTestCase):
self.assertEqual(resp["error"], "Only `SELECT` statements are allowed")
def test_external_metadata_for_multistatement_virtual_table(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
table = SqlaTable(
table_name="multistatement_sql_table",
database=get_example_database(),
@ -309,7 +311,7 @@ class TestDatasource(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
@mock.patch("superset.connectors.sqla.models.SqlaTable.external_metadata")
def test_external_metadata_error_return_400(self, mock_get_datasource):
self.login(username="admin")
self.login(ADMIN_USERNAME)
tbl = self.get_table(name="birth_names")
url = f"/datasource/external_metadata/table/{tbl.id}/"
@ -335,7 +337,7 @@ class TestDatasource(SupersetTestCase):
self.assertEqual(obj1.get(k), obj2.get(k))
def test_save(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
tbl_id = self.get_table(name="birth_names").id
datasource_post = get_datasource_post()
@ -357,7 +359,7 @@ class TestDatasource(SupersetTestCase):
self.assertEqual(resp[k], datasource_post[k])
def test_save_default_endpoint_validation_success(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
tbl_id = self.get_table(name="birth_names").id
datasource_post = get_datasource_post()
@ -375,9 +377,8 @@ class TestDatasource(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_change_database(self):
self.login(username="admin")
admin_user = self.get_user("admin")
self.login(admin_user.username)
tbl = self.get_table(name="birth_names")
tbl_id = tbl.id
db_id = tbl.database_id
@ -397,8 +398,8 @@ class TestDatasource(SupersetTestCase):
self.delete_fake_db()
def test_save_duplicate_key(self):
self.login(username="admin")
admin_user = self.get_user("admin")
self.login(admin_user.username)
tbl_id = self.get_table(name="birth_names").id
datasource_post = get_datasource_post()
@ -427,8 +428,8 @@ class TestDatasource(SupersetTestCase):
self.assertIn("Duplicate column name(s): <new column>", resp["error"])
def test_get_datasource(self):
self.login(username="admin")
admin_user = self.get_user("admin")
self.login(admin_user.username)
tbl = self.get_table(name="birth_names")
datasource_post = get_datasource_post()
@ -459,7 +460,7 @@ class TestDatasource(SupersetTestCase):
return "Warning message!"
app.config["DATASET_HEALTH_CHECK"] = my_check
self.login(username="admin")
self.login(ADMIN_USERNAME)
tbl = self.get_table(name="birth_names")
datasource = db.session.query(SqlaTable).filter_by(id=tbl.id).one_or_none()
assert datasource.health_check_message == "Warning message!"
@ -473,7 +474,7 @@ class TestDatasource(SupersetTestCase):
lambda: DatasourceDAO.get_datasource("table", 9999999),
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
resp = self.get_json_resp("/datasource/get/table/500000/", raise_on_error=False)
self.assertEqual(resp.get("error"), "Datasource does not exist")
@ -485,7 +486,7 @@ class TestDatasource(SupersetTestCase):
lambda: DatasourceDAO.get_datasource("druid", 9999999),
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
resp = self.get_json_resp("/datasource/get/druid/500000/", raise_on_error=False)
self.assertEqual(resp.get("error"), "'druid' is not a valid DatasourceType")

9
tests/integration_tests/dynamic_plugins_tests.py
View File

@ -14,8 +14,9 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
from .base_tests import SupersetTestCase
from .conftest import with_feature_flags
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.conftest import with_feature_flags
from tests.integration_tests.constants import ADMIN_USERNAME
class TestDynamicPlugins(SupersetTestCase):
@ -24,7 +25,7 @@ class TestDynamicPlugins(SupersetTestCase):
"""
Dynamic Plugins: Responds not found when disabled
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "/dynamic-plugins/api"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 404)
@ -34,7 +35,7 @@ class TestDynamicPlugins(SupersetTestCase):
"""
Dynamic Plugins: Responds successfully when enabled
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "/dynamic-plugins/api"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)

5
tests/integration_tests/embedded/api_tests.py
View File

@ -24,6 +24,7 @@ from superset import db
from superset.daos.dashboard import EmbeddedDashboardDAO
from superset.models.dashboard import Dashboard
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -39,7 +40,7 @@ class TestEmbeddedDashboardApi(SupersetTestCase):
EMBEDDED_SUPERSET=True,
)
def test_get_embedded_dashboard(self):
self.login("admin")
self.login(ADMIN_USERNAME)
self.dash = db.session.query(Dashboard).filter_by(slug="births").first()
self.embedded = EmbeddedDashboardDAO.upsert(self.dash, [])
uri = f"api/v1/{self.resource_name}/{self.embedded.uuid}"
@ -47,7 +48,7 @@ class TestEmbeddedDashboardApi(SupersetTestCase):
self.assert200(response)
def test_get_embedded_dashboard_non_found(self):
self.login("admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/{self.resource_name}/bad-uuid"
response = self.client.get(uri)
self.assert404(response)

5
tests/integration_tests/fixtures/users.py
View File

@ -18,6 +18,7 @@ import pytest
from flask_appbuilder.security.sqla.models import Role, User
from superset import db, security_manager
from tests.integration_tests.constants import GAMMA_SQLLAB_NO_DATA_USERNAME
from tests.integration_tests.test_app import app
@ -30,7 +31,7 @@ def create_gamma_sqllab_no_data():
)
security_manager.add_user(
"gamma_sqllab_no_data",
GAMMA_SQLLAB_NO_DATA_USERNAME,
"gamma_sqllab_no_data",
"gamma_sqllab_no_data",
"gamma_sqllab_no_data@apache.org",
@ -41,7 +42,7 @@ def create_gamma_sqllab_no_data():
yield
user = (
db.session.query(User)
.filter(User.username == "gamma_sqllab_no_data")
.filter(User.username == GAMMA_SQLLAB_NO_DATA_USERNAME)
.one_or_none()
)
db.session.delete(user)

7
tests/integration_tests/import_export_tests.py
View File

@ -43,11 +43,12 @@ from superset.models.slice import Slice
from superset.utils.core import DatasourceType, get_example_default_schema
from superset.utils.database import get_example_database
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME
from tests.integration_tests.fixtures.world_bank_dashboard import (
load_world_bank_dashboard_with_slices,
load_world_bank_data,
)
from .base_tests import SupersetTestCase
def delete_imports():
@ -223,7 +224,7 @@ class TestImportExport(SupersetTestCase):
@unittest.skip("Schema needs to be updated")
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_export_1_dashboard(self):
self.login("admin")
self.login(ADMIN_USERNAME)
birth_dash = self.get_dash_by_slug("births")
id_ = birth_dash.id
export_dash_url = f"/dashboard/export_dashboards_form?id={id_}&action=go"
@ -254,7 +255,7 @@ class TestImportExport(SupersetTestCase):
"load_birth_names_dashboard_with_slices",
)
def test_export_2_dashboards(self):
self.login("admin")
self.login(ADMIN_USERNAME)
birth_dash = self.get_dash_by_slug("births")
world_health_dash = self.get_dash_by_slug("world_health")
export_dash_url = (

30
tests/integration_tests/log_api_tests.py
View File

@ -28,11 +28,15 @@ from unittest.mock import patch
from superset import db
from superset.models.core import Log
from superset.views.log.api import LogRestApi
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.conftest import with_feature_flags
from tests.integration_tests.constants import (
ADMIN_USERNAME,
ALPHA_USERNAME,
GAMMA_USERNAME,
)
from tests.integration_tests.dashboard_utils import create_dashboard
from tests.integration_tests.test_app import app
from .base_tests import SupersetTestCase
EXPECTED_COLUMNS = [
"action",
@ -73,7 +77,7 @@ class TestLogApi(SupersetTestCase):
with patch.object(LogRestApi, "is_enabled", return_value=False):
admin_user = self.get_user("admin")
self.insert_log("some_action", admin_user)
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {"filters": [{"col": "action", "opr": "sw", "value": "some_"}]}
uri = f"api/v1/log/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
@ -85,7 +89,7 @@ class TestLogApi(SupersetTestCase):
"""
admin_user = self.get_user("admin")
log = self.insert_log("some_action", admin_user)
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {"filters": [{"col": "action", "opr": "sw", "value": "some_"}]}
uri = f"api/v1/log/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
@ -103,11 +107,11 @@ class TestLogApi(SupersetTestCase):
"""
admin_user = self.get_user("admin")
log = self.insert_log("action", admin_user)
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = "api/v1/log/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 403)
self.login(username="alpha")
self.login(ALPHA_USERNAME)
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 403)
db.session.delete(log)
@ -119,7 +123,7 @@ class TestLogApi(SupersetTestCase):
"""
admin_user = self.get_user("admin")
log = self.insert_log("some_action", admin_user)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/log/{log.id}"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -137,7 +141,7 @@ class TestLogApi(SupersetTestCase):
"""
admin_user = self.get_user("admin")
log = self.insert_log("action", admin_user)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/log/{log.id}"
rv = self.client.delete(uri)
self.assertEqual(rv.status_code, 405)
@ -150,7 +154,7 @@ class TestLogApi(SupersetTestCase):
"""
admin_user = self.get_user("admin")
log = self.insert_log("action", admin_user)
self.login(username="admin")
self.login(ADMIN_USERNAME)
log_data = {"action": "some_action"}
uri = f"api/v1/log/{log.id}"
@ -164,7 +168,7 @@ class TestLogApi(SupersetTestCase):
Log API: Test recent activity endpoint
"""
admin_user = self.get_user("admin")
self.login(username="admin")
self.login(ADMIN_USERNAME)
dash = create_dashboard("dash_slug", "dash_title", "{}", [])
log1 = self.insert_log("dashboard", admin_user, dashboard_id=dash.id)
log2 = self.insert_log("dashboard", admin_user, dashboard_id=dash.id)
@ -200,7 +204,7 @@ class TestLogApi(SupersetTestCase):
Log API: Test recent activity actions argument
"""
admin_user = self.get_user("admin")
self.login(username="admin")
self.login(ADMIN_USERNAME)
dash = create_dashboard("dash_slug", "dash_title", "{}", [])
log = self.insert_log("dashboard", admin_user, dashboard_id=dash.id)
log2 = self.insert_log("explore", admin_user, dashboard_id=dash.id)
@ -225,7 +229,7 @@ class TestLogApi(SupersetTestCase):
db.session.query(Log).delete(synchronize_session=False)
db.session.commit()
admin_user = self.get_user("admin")
self.login(username="admin")
self.login(ADMIN_USERNAME)
dash = create_dashboard("dash_slug", "dash_title", "{}", [])
log = self.insert_log("dashboard", admin_user, dashboard_id=dash.id)
log2 = self.insert_log("dashboard", admin_user, dashboard_id=dash.id)
@ -247,7 +251,7 @@ class TestLogApi(SupersetTestCase):
Log API: Test recent activity pagination arguments
"""
admin_user = self.get_user("admin")
self.login(username="admin")
self.login(ADMIN_USERNAME)
dash = create_dashboard("dash_slug", "dash_title", "{}", [])
dash2 = create_dashboard("dash2_slug", "dash2_title", "{}", [])
dash3 = create_dashboard("dash3_slug", "dash3_title", "{}", [])

8
tests/integration_tests/log_model_view_tests.py
View File

@ -17,21 +17,21 @@
from unittest.mock import patch
from superset.views.log.views import LogModelView
from .base_tests import SupersetTestCase
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME
class TestLogModelView(SupersetTestCase):
def test_disabled(self):
with patch.object(LogModelView, "is_enabled", return_value=False):
self.login("admin")
self.login(ADMIN_USERNAME)
uri = "/logmodelview/list/"
rv = self.client.get(uri)
self.assert404(rv)
def test_enabled(self):
with patch.object(LogModelView, "is_enabled", return_value=True):
self.login("admin")
self.login(ADMIN_USERNAME)
uri = "/logmodelview/list/"
rv = self.client.get(uri)
self.assert200(rv)

27
tests/integration_tests/queries/api_tests.py
View File

@ -34,6 +34,7 @@ from superset.utils.database import get_example_database, get_main_database
from superset.models.sql_lab import Query
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME, GAMMA_SQLLAB_USERNAME
QUERIES_FIXTURE_COUNT = 10
@ -133,7 +134,7 @@ class TestQueryApi(SupersetTestCase):
select_sql="SELECT col1, col2 from table1",
executed_sql="SELECT col1, col2 from table1 LIMIT 100",
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/query/{query.id}"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -184,7 +185,7 @@ class TestQueryApi(SupersetTestCase):
client_id = self.get_random_string()
query = self.insert_query(get_example_database().id, admin.id, client_id)
max_id = db.session.query(func.max(Query.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/query/{max_id + 1}"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 404)
@ -237,7 +238,7 @@ class TestQueryApi(SupersetTestCase):
# Admin's have the "all query access" permission
self.logout()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/query/{query_gamma1.id}"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -257,7 +258,7 @@ class TestQueryApi(SupersetTestCase):
"""
Query API: Test get list query
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/query/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -295,7 +296,7 @@ class TestQueryApi(SupersetTestCase):
"""
Query API: Test get list query filter
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {"filters": [{"col": "sql", "opr": "ct", "value": "table2"}]}
uri = f"api/v1/query/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
@ -308,7 +309,7 @@ class TestQueryApi(SupersetTestCase):
"""
Query API: Test get list query filter database
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
database_id = get_main_database().id
arguments = {
"filters": [{"col": "database", "opr": "rel_o_m", "value": database_id}]
@ -324,7 +325,7 @@ class TestQueryApi(SupersetTestCase):
"""
Query API: Test get list query filter user
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
alpha_id = self.get_user("alpha").id
arguments = {"filters": [{"col": "user", "opr": "rel_o_m", "value": alpha_id}]}
uri = f"api/v1/query/?q={prison.dumps(arguments)}"
@ -338,7 +339,7 @@ class TestQueryApi(SupersetTestCase):
"""
Query API: Test get list query filter changed_on
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"filters": [
{"col": "changed_on", "opr": "lt", "value": "2020-02-01T00:00:00Z"},
@ -356,7 +357,7 @@ class TestQueryApi(SupersetTestCase):
"""
Query API: Test get list query filter changed_on
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
order_columns = [
"changed_on",
"database.database_name",
@ -386,7 +387,7 @@ class TestQueryApi(SupersetTestCase):
sql="SELECT col1, col2 from table1",
)
self.login(username="gamma_sqllab")
self.login(GAMMA_SQLLAB_USERNAME)
arguments = {"filters": [{"col": "sql", "opr": "sw", "value": "SELECT col1"}]}
uri = f"api/v1/query/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
@ -427,7 +428,7 @@ class TestQueryApi(SupersetTestCase):
changed_on=now - timedelta(days=1),
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
timestamp = datetime.timestamp(now - timedelta(days=2)) * 1000
uri = f"api/v1/query/updated_since?q={prison.dumps({'last_updated_ms': timestamp})}"
rv = self.client.get(uri)
@ -463,7 +464,7 @@ class TestQueryApi(SupersetTestCase):
form_data = {"client_id": "foo2"}
query_mock = mock.Mock()
query_mock.return_value = None
self.login(username="admin")
self.login(ADMIN_USERNAME)
mock_superset_db_session.query().filter_by().one_or_none = query_mock
mock_sql_lab_cancel_query.return_value = True
rv = self.client.post(
@ -487,7 +488,7 @@ class TestQueryApi(SupersetTestCase):
query_mock = mock.Mock()
query_mock.client_id = "foo"
query_mock.status = QueryStatus.RUNNING
self.login(username="admin")
self.login(ADMIN_USERNAME)
mock_superset_db_session.query().filter_by().one_or_none().return_value = (
query_mock
)

65
tests/integration_tests/queries/saved_queries/api_tests.py
View File

@ -36,6 +36,7 @@ from superset.models.sql_lab import SavedQuery
from superset.utils.database import get_example_database
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME, GAMMA_SQLLAB_USERNAME
from tests.integration_tests.fixtures.importexport import (
database_config,
saved_queries_config,
@ -132,7 +133,7 @@ class TestSavedQueryApi(SupersetTestCase):
db.session.query(SavedQuery).filter(SavedQuery.created_by == admin).all()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/"
rv = self.get_assert_metric(uri, "get_list")
assert rv.status_code == 200
@ -164,7 +165,7 @@ class TestSavedQueryApi(SupersetTestCase):
db.session.query(SavedQuery).filter(SavedQuery.created_by == user).all()
)
self.login(username=user.username)
self.login(user.username)
uri = f"api/v1/saved_query/"
rv = self.get_assert_metric(uri, "get_list")
assert rv.status_code == 200
@ -182,7 +183,7 @@ class TestSavedQueryApi(SupersetTestCase):
.filter(SavedQuery.created_by == admin)
.order_by(SavedQuery.schema.asc())
).all()
self.login(username="admin")
self.login(ADMIN_USERNAME)
query_string = {"order_column": "schema", "order_direction": "asc"}
uri = f"api/v1/saved_query/?q={prison.dumps(query_string)}"
rv = self.get_assert_metric(uri, "get_list")
@ -216,7 +217,7 @@ class TestSavedQueryApi(SupersetTestCase):
all_queries = (
db.session.query(SavedQuery).filter(SavedQuery.label.ilike("%2%")).all()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
query_string = {
"filters": [{"col": "label", "opr": "ct", "value": "2"}],
}
@ -241,7 +242,7 @@ class TestSavedQueryApi(SupersetTestCase):
.all()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
query_string = {
"filters": [{"col": "database", "opr": "rel_o_m", "value": example_db.id}],
}
@ -266,7 +267,7 @@ class TestSavedQueryApi(SupersetTestCase):
.all()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
query_string = {
"filters": [{"col": "schema", "opr": "eq", "value": schema_name}],
}
@ -281,7 +282,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
Saved Query API: Test get list and custom filter (schema) saved query
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
admin = self.get_user("admin")
all_queries = (
@ -304,7 +305,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
Saved Query API: Test get list and custom filter (label) saved query
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
admin = self.get_user("admin")
all_queries = (
db.session.query(SavedQuery)
@ -326,7 +327,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
Saved Query API: Test get list and custom filter (sql) saved query
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
admin = self.get_user("admin")
all_queries = (
db.session.query(SavedQuery)
@ -348,7 +349,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
Saved Query API: Test get list and custom filter (description) saved query
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
admin = self.get_user("admin")
all_queries = (
db.session.query(SavedQuery)
@ -388,7 +389,7 @@ class TestSavedQueryApi(SupersetTestCase):
"keys": ["none"],
"columns": ["label"],
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/?q={prison.dumps(arguments)}"
rv = self.client.get(uri)
data = json.loads(rv.data.decode("utf-8"))
@ -421,7 +422,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
SavedQuery API: Test info
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/saved_query/_info"
rv = self.get_assert_metric(uri, "info")
assert rv.status_code == 200
@ -430,7 +431,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
SavedQuery API: Test info security
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
params = {"keys": ["permissions"]}
uri = f"api/v1/saved_query/_info?q={prison.dumps(params)}"
rv = self.get_assert_metric(uri, "info")
@ -442,7 +443,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
SavedQuery API: Test related databases
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
databases = db.session.query(Database).all()
expected_result = {
"count": len(databases),
@ -462,7 +463,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
SavedQuery API: Test related user not found
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/related/user"
rv = self.client.get(uri)
assert rv.status_code == 404
@ -477,7 +478,7 @@ class TestSavedQueryApi(SupersetTestCase):
db.session.query(SavedQuery).filter(SavedQuery.created_by == admin).all()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/distinct/schema"
rv = self.client.get(uri)
assert rv.status_code == 200
@ -495,7 +496,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
SavedQuery API: Test related user not allowed
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/wrong"
rv = self.client.get(uri)
assert rv.status_code == 405
@ -508,7 +509,7 @@ class TestSavedQueryApi(SupersetTestCase):
saved_query = (
db.session.query(SavedQuery).filter(SavedQuery.label == "label1").all()[0]
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
with freeze_time(datetime.now()):
uri = f"api/v1/saved_query/{saved_query.id}"
rv = self.get_assert_metric(uri, "get")
@ -542,7 +543,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
query = self.insert_default_saved_query()
max_id = db.session.query(func.max(SavedQuery.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/{max_id + 1}"
rv = self.client.get(uri)
assert rv.status_code == 404
@ -564,7 +565,7 @@ class TestSavedQueryApi(SupersetTestCase):
"db_id": example_db.id,
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/"
rv = self.client.post(uri, json=post_data)
data = json.loads(rv.data.decode("utf-8"))
@ -593,7 +594,7 @@ class TestSavedQueryApi(SupersetTestCase):
"label": "label_changed",
}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/{saved_query.id}"
rv = self.client.put(uri, json=put_data)
assert rv.status_code == 200
@ -608,7 +609,7 @@ class TestSavedQueryApi(SupersetTestCase):
Saved Query API: Test update not found
"""
max_id = db.session.query(func.max(SavedQuery.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
put_data = {
"schema": "schema_changed",
@ -628,7 +629,7 @@ class TestSavedQueryApi(SupersetTestCase):
db.session.query(SavedQuery).filter(SavedQuery.label == "label1").all()[0]
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/{saved_query.id}"
rv = self.client.delete(uri)
assert rv.status_code == 200
@ -642,7 +643,7 @@ class TestSavedQueryApi(SupersetTestCase):
Saved Query API: Test delete not found
"""
max_id = db.session.query(func.max(SavedQuery.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/{max_id + 1}"
rv = self.client.delete(uri)
assert rv.status_code == 404
@ -658,7 +659,7 @@ class TestSavedQueryApi(SupersetTestCase):
)
saved_query_ids = [saved_query.id for saved_query in saved_queries]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/?q={prison.dumps(saved_query_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 200
@ -678,7 +679,7 @@ class TestSavedQueryApi(SupersetTestCase):
saved_query = db.session.query(SavedQuery).first()
saved_query_ids = [saved_query.id]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/?q={prison.dumps(saved_query_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 200
@ -693,7 +694,7 @@ class TestSavedQueryApi(SupersetTestCase):
Saved Query API: Test delete bulk bad request
"""
saved_query_ids = [1, "a"]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/?q={prison.dumps(saved_query_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 400
@ -706,7 +707,7 @@ class TestSavedQueryApi(SupersetTestCase):
max_id = db.session.query(func.max(SavedQuery.id)).scalar()
saved_query_ids = [max_id + 1, max_id + 2]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/saved_query/?q={prison.dumps(saved_query_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 404
@ -721,7 +722,7 @@ class TestSavedQueryApi(SupersetTestCase):
db.session.query(SavedQuery).filter(SavedQuery.created_by == admin).first()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = [sample_query.id]
uri = f"api/v1/saved_query/export/?q={prison.dumps(argument)}"
rv = self.client.get(uri)
@ -736,7 +737,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
max_id = db.session.query(func.max(SavedQuery.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
argument = [max_id + 1, max_id + 2]
uri = f"api/v1/saved_query/export/?q={prison.dumps(argument)}"
rv = self.client.get(uri)
@ -752,7 +753,7 @@ class TestSavedQueryApi(SupersetTestCase):
db.session.query(SavedQuery).filter(SavedQuery.created_by == admin).first()
)
self.login(username="gamma_sqllab")
self.login(GAMMA_SQLLAB_USERNAME)
argument = [sample_query.id]
uri = f"api/v1/saved_query/export/?q={prison.dumps(argument)}"
rv = self.client.get(uri)
@ -779,7 +780,7 @@ class TestSavedQueryApi(SupersetTestCase):
"""
Saved Query API: Test import
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/saved_query/import/"
buf = self.create_saved_query_import()

1
tests/integration_tests/queries/saved_queries/commands_tests.py
View File

@ -55,6 +55,7 @@ class TestExportSavedQueriesCommand(SupersetTestCase):
def tearDown(self):
db.session.delete(self.example_query)
db.session.commit()
super().tearDown()
@patch("superset.queries.saved_queries.filters.g")
def test_export_query_command(self, mock_g):

18
tests/integration_tests/query_context_tests.py
View File

@ -135,7 +135,6 @@ class TestQueryContext(SupersetTestCase):
self.assertFalse(rehydrated_qc.force)
def test_query_cache_key_changes_when_datasource_is_updated(self):
self.login(username="admin")
payload = get_query_context("birth_names")
# construct baseline query_cache_key
@ -163,7 +162,6 @@ class TestQueryContext(SupersetTestCase):
self.assertNotEqual(cache_key_original, cache_key_new)
def test_query_cache_key_changes_when_metric_is_updated(self):
self.login(username="admin")
payload = get_query_context("birth_names")
# make temporary change and revert it to refresh the changed_on property
@ -198,7 +196,6 @@ class TestQueryContext(SupersetTestCase):
self.assertNotEqual(cache_key_original, cache_key_new)
def test_query_cache_key_does_not_change_for_non_existent_or_null(self):
self.login(username="admin")
payload = get_query_context("birth_names", add_postprocessing_operations=True)
del payload["queries"][0]["granularity"]
@ -214,7 +211,6 @@ class TestQueryContext(SupersetTestCase):
assert query_context.query_cache_key(query_object) == cache_key_original
def test_query_cache_key_changes_when_post_processing_is_updated(self):
self.login(username="admin")
payload = get_query_context("birth_names", add_postprocessing_operations=True)
# construct baseline query_cache_key from query_context with post processing operation
@ -237,7 +233,6 @@ class TestQueryContext(SupersetTestCase):
self.assertNotEqual(cache_key_original, cache_key)
def test_query_cache_key_changes_when_time_offsets_is_updated(self):
self.login(username="admin")
payload = get_query_context("birth_names", add_time_offsets=True)
query_context = ChartDataQueryContextSchema().load(payload)
@ -254,7 +249,6 @@ class TestQueryContext(SupersetTestCase):
"""
Should support both predefined and adhoc metrics.
"""
self.login(username="admin")
adhoc_metric = {
"expressionType": "SIMPLE",
"column": {"column_name": "num_boys", "type": "BIGINT(20)"},
@ -272,7 +266,6 @@ class TestQueryContext(SupersetTestCase):
"""
Ensure that deprecated fields are converted correctly
"""
self.login(username="admin")
payload = get_query_context("birth_names")
columns = payload["queries"][0]["columns"]
payload["queries"][0]["groupby"] = columns
@ -294,7 +287,6 @@ class TestQueryContext(SupersetTestCase):
"""
Ensure that CSV result format works
"""
self.login(username="admin")
payload = get_query_context("birth_names")
payload["result_format"] = ChartDataResultFormat.CSV.value
payload["queries"][0]["row_limit"] = 10
@ -309,7 +301,6 @@ class TestQueryContext(SupersetTestCase):
"""
Ensure that calling invalid columns names in groupby are caught
"""
self.login(username="admin")
payload = get_query_context("birth_names")
payload["queries"][0]["groupby"] = ["currentDatabase()"]
query_context = ChartDataQueryContextSchema().load(payload)
@ -320,7 +311,6 @@ class TestQueryContext(SupersetTestCase):
"""
Ensure that calling invalid column names in columns are caught
"""
self.login(username="admin")
payload = get_query_context("birth_names")
payload["queries"][0]["groupby"] = []
payload["queries"][0]["metrics"] = []
@ -333,7 +323,6 @@ class TestQueryContext(SupersetTestCase):
"""
Ensure that calling invalid column names in filters are caught
"""
self.login(username="admin")
payload = get_query_context("birth_names")
payload["queries"][0]["groupby"] = ["name"]
payload["queries"][0]["metrics"] = [
@ -353,7 +342,6 @@ class TestQueryContext(SupersetTestCase):
"""
Ensure that samples result type works
"""
self.login(username="admin")
payload = get_query_context("birth_names")
payload["result_type"] = ChartDataResultType.SAMPLES.value
payload["queries"][0]["row_limit"] = 5
@ -370,7 +358,6 @@ class TestQueryContext(SupersetTestCase):
"""
Ensure that query result type works
"""
self.login(username="admin")
payload = get_query_context("birth_names")
sql_text = get_sql_text(payload)
@ -387,7 +374,6 @@ class TestQueryContext(SupersetTestCase):
"""
Should properly handle sort by metrics in various scenarios.
"""
self.login(username="admin")
sql_text = get_sql_text(get_query_context("birth_names"))
if backend() == "hive":
@ -476,7 +462,6 @@ class TestQueryContext(SupersetTestCase):
"""
Ensure that fetch values predicate is added to query if needed
"""
self.login(username="admin")
payload = get_query_context("birth_names")
sql_text = get_sql_text(payload)
@ -491,7 +476,6 @@ class TestQueryContext(SupersetTestCase):
Ensure that query objects with unknown fields don't raise an Exception and
have an identical cache key as one without the unknown field
"""
self.login(username="admin")
payload = get_query_context("birth_names")
query_context = ChartDataQueryContextSchema().load(payload)
responses = query_context.get_payload()
@ -507,7 +491,6 @@ class TestQueryContext(SupersetTestCase):
"""
Ensure that time_offsets can generate the correct query
"""
self.login(username="admin")
payload = get_query_context("birth_names")
payload["queries"][0]["metrics"] = ["sum__num"]
payload["queries"][0]["groupby"] = ["name"]
@ -545,7 +528,6 @@ class TestQueryContext(SupersetTestCase):
"""
Ensure that time_offsets can generate the correct query
"""
self.login(username="admin")
payload = get_query_context("birth_names")
payload["queries"][0]["metrics"] = ["sum__num"]
# should process empty dateframe correctly

81
tests/integration_tests/reports/api_tests.py
View File

@ -42,6 +42,7 @@ from superset.reports.models import (
from superset.utils.database import get_example_database
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.conftest import with_feature_flags
from tests.integration_tests.constants import ADMIN_USERNAME, GAMMA_USERNAME
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -238,7 +239,7 @@ class TestReportSchedulesApi(SupersetTestCase):
.first()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/{report_schedule.id}"
rv = self.client.get(uri)
assert rv.status_code == 404
@ -254,7 +255,7 @@ class TestReportSchedulesApi(SupersetTestCase):
.first()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/{report_schedule.id}"
rv = self.get_assert_metric(uri, "get")
data = json.loads(rv.data.decode("utf-8"))
@ -309,7 +310,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule API: Test info
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/_info"
rv = self.get_assert_metric(uri, "info")
assert rv.status_code == 200
@ -318,7 +319,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule API: Test info security
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
params = {"keys": ["permissions"]}
uri = f"api/v1/report/_info?q={prison.dumps(params)}"
rv = self.get_assert_metric(uri, "info")
@ -334,7 +335,7 @@ class TestReportSchedulesApi(SupersetTestCase):
ReportSchedule Api: Test get report schedule not found
"""
max_id = db.session.query(func.max(ReportSchedule.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/{max_id + 1}"
rv = self.get_assert_metric(uri, "get")
assert rv.status_code == 404
@ -344,7 +345,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test get list report schedules
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/"
rv = self.get_assert_metric(uri, "get_list")
@ -423,7 +424,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test get list report schedules for different roles
"""
self.login(username=username)
self.login(username)
uri = f"api/v1/report/"
rv = self.get_assert_metric(uri, "get_list")
@ -435,7 +436,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test get list report schedules for regular gamma user
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
uri = f"api/v1/report/"
rv = self.client.get(uri)
@ -446,7 +447,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test sorting on get list report schedules
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/report/"
order_columns = [
@ -475,7 +476,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test filter name on get list report schedules
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
# Test normal contains filter
arguments = {
"columns": ["name"],
@ -497,7 +498,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test custom filter on get list report schedules
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
# Test custom all text filter
arguments = {
"columns": ["name"],
@ -519,7 +520,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test active filter on get list report schedules
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"columns": ["name"],
"filters": [{"col": "active", "opr": "eq", "value": True}],
@ -536,7 +537,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test type filter on get list report schedules
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"columns": ["name"],
"filters": [
@ -569,7 +570,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test get related report schedule
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
related_columns = ["created_by", "chart", "dashboard", "database"]
for related_column in related_columns:
uri = f"api/v1/report/related/{related_column}"
@ -581,7 +582,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test create report schedule
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart = db.session.query(Slice).first()
example_db = get_example_database()
@ -629,7 +630,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test create report schedule uniqueness
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart = db.session.query(Slice).first()
example_db = get_example_database()
@ -674,7 +675,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test create report schedule schema check
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart = db.session.query(Slice).first()
dashboard = db.session.query(Dashboard).first()
example_db = get_example_database()
@ -913,7 +914,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test create report schedule with unsaved chart
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart = db.session.query(Slice).first()
dashboard = db.session.query(Dashboard).first()
example_db = get_example_database()
@ -942,7 +943,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test create report schedule with no dashboard id
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart = db.session.query(Slice).first()
dashboard = db.session.query(Dashboard).first()
example_db = get_example_database()
@ -969,7 +970,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test create multiple reports with the same creation method
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart = db.session.query(Slice).first()
dashboard = db.session.query(Dashboard).first()
example_db = get_example_database()
@ -1027,7 +1028,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test create multiple reports with the same creation method
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart = db.session.query(Slice).first()
dashboard = db.session.query(Dashboard).first()
example_db = get_example_database()
@ -1083,7 +1084,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test create report schedule chart and dashboard validation
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
# Test we can submit a chart or a dashboard not both
chart = db.session.query(Slice).first()
@ -1110,7 +1111,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test create report schedule chart and database validation
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
# Test database required for alerts
chart = db.session.query(Slice).first()
@ -1134,7 +1135,7 @@ class TestReportSchedulesApi(SupersetTestCase):
ReportSchedule Api: Test create report schedule
relations (chart, dash, db) exist
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
# Test chart and database do not exist
chart_max_id = db.session.query(func.max(Slice.id)).scalar()
@ -1183,7 +1184,7 @@ class TestReportSchedulesApi(SupersetTestCase):
# """
# ReportSchedule Api: Test create report schedule
# """
# self.login(username="admin")
# self.login(ADMIN_USERNAME)
# chart = db.session.query(Slice).first()
# example_db = get_example_database()
@ -1220,7 +1221,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule API: Test create report schedule
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart = db.session.query(Slice).first()
example_db = get_example_database()
@ -1268,7 +1269,7 @@ class TestReportSchedulesApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
chart = db.session.query(Slice).first()
example_db = get_example_database()
report_schedule_data = {
@ -1310,7 +1311,7 @@ class TestReportSchedulesApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
report_schedule_data = {"active": False}
uri = f"api/v1/report/{report_schedule.id}"
rv = self.put_assert_metric(uri, report_schedule_data, "put")
@ -1333,7 +1334,7 @@ class TestReportSchedulesApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
report_schedule_data = {"name": "name3", "description": "changed_description"}
uri = f"api/v1/report/{report_schedule.id}"
rv = self.put_assert_metric(uri, report_schedule_data, "put")
@ -1348,7 +1349,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
max_id = db.session.query(func.max(ReportSchedule.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
report_schedule_data = {"name": "changed"}
uri = f"api/v1/report/{max_id + 1}"
rv = self.client.put(uri, json=report_schedule_data)
@ -1361,7 +1362,7 @@ class TestReportSchedulesApi(SupersetTestCase):
"""
ReportSchedule Api: Test update report schedule chart and dashboard validation
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
report_schedule = (
db.session.query(ReportSchedule)
@ -1391,7 +1392,7 @@ class TestReportSchedulesApi(SupersetTestCase):
ReportSchedule Api: Test update report schedule relations exist
relations (chart, dash, db) exist
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
report_schedule = (
db.session.query(ReportSchedule)
@ -1555,7 +1556,7 @@ class TestReportSchedulesApi(SupersetTestCase):
.filter(ReportSchedule.name == "name1")
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/{report_schedule.id}"
rv = self.delete_assert_metric(uri, "delete")
assert rv.status_code == 200
@ -1582,7 +1583,7 @@ class TestReportSchedulesApi(SupersetTestCase):
ReportSchedule Api: Test delete report schedule not found
"""
max_id = db.session.query(func.max(ReportSchedule.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/{max_id + 1}"
rv = self.delete_assert_metric(uri, "delete")
assert rv.status_code == 404
@ -1615,7 +1616,7 @@ class TestReportSchedulesApi(SupersetTestCase):
report_schedules_ids = [
report_schedule.id for report_schedule in report_schedules
]
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/?q={prison.dumps(report_schedules_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 200
@ -1638,7 +1639,7 @@ class TestReportSchedulesApi(SupersetTestCase):
]
max_id = db.session.query(func.max(ReportSchedule.id)).scalar()
report_schedules_ids.append(max_id + 1)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/?q={prison.dumps(report_schedules_ids)}"
rv = self.delete_assert_metric(uri, "bulk_delete")
assert rv.status_code == 404
@ -1672,7 +1673,7 @@ class TestReportSchedulesApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/{report_schedule.id}/log/"
rv = self.client.get(uri)
assert rv.status_code == 200
@ -1690,7 +1691,7 @@ class TestReportSchedulesApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/{report_schedule.id}/log/"
order_columns = [
@ -1721,7 +1722,7 @@ class TestReportSchedulesApi(SupersetTestCase):
.one_or_none()
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
arguments = {
"columns": ["name"],
"filters": [{"col": "state", "opr": "eq", "value": ReportState.SUCCESS}],
@ -1746,7 +1747,7 @@ class TestReportSchedulesApi(SupersetTestCase):
data = {"state": ReportState.ERROR, "error_message": "New error changed"}
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/report/{report_schedule.id}/log/"
rv = self.client.post(uri, json=data)
assert rv.status_code == 405

13
tests/integration_tests/security/api_tests.py
View File

@ -27,6 +27,7 @@ from superset.daos.dashboard import EmbeddedDashboardDAO
from superset.models.dashboard import Dashboard
from superset.utils.urls import get_url_host
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME, GAMMA_USERNAME
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -47,21 +48,20 @@ class TestSecurityCsrfApi(SupersetTestCase):
"""
Security API: Test get CSRF token
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
self._assert_get_csrf_token()
def test_get_csrf_token_gamma(self):
"""
Security API: Test get CSRF token by gamma
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
self._assert_get_csrf_token()
def test_get_csrf_unauthorized(self):
"""
Security API: Test get CSRF no login
"""
self.logout()
uri = f"api/v1/{self.resource_name}/csrf_token/"
response = self.client.get(uri)
self.assert401(response)
@ -74,7 +74,6 @@ class TestSecurityGuestTokenApi(SupersetTestCase):
"""
Security API: Cannot create a guest token without authentication
"""
self.logout()
response = self.client.post(self.uri)
self.assert401(response)
@ -82,7 +81,7 @@ class TestSecurityGuestTokenApi(SupersetTestCase):
"""
Security API: Cannot create a guest token without authorization
"""
self.login(username="gamma")
self.login(GAMMA_USERNAME)
response = self.client.post(self.uri)
self.assert403(response)
@ -90,7 +89,7 @@ class TestSecurityGuestTokenApi(SupersetTestCase):
def test_post_guest_token_authorized(self):
self.dash = db.session.query(Dashboard).filter_by(slug="births").first()
self.embedded = EmbeddedDashboardDAO.upsert(self.dash, [])
self.login(username="admin")
self.login(ADMIN_USERNAME)
user = {"username": "bob", "first_name": "Bob", "last_name": "Also Bob"}
resource = {"type": "dashboard", "id": str(self.embedded.uuid)}
rls_rule = {"dataset": 1, "clause": "1=1"}
@ -113,7 +112,7 @@ class TestSecurityGuestTokenApi(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_post_guest_token_bad_resources(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
user = {"username": "bob", "first_name": "Bob", "last_name": "Also Bob"}
resource = {"type": "dashboard", "id": "bad-id"}
rls_rule = {"dataset": 1, "clause": "1=1"}

45
tests/integration_tests/security/row_level_security_tests.py
View File

@ -32,8 +32,9 @@ from superset.security.guest_token import (
)
from flask_babel import lazy_gettext as _
from flask_appbuilder.models.sqla import filters
from ..conftest import with_config
from ..base_tests import SupersetTestCase
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.conftest import with_config
from tests.integration_tests.constants import ADMIN_USERNAME
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -173,7 +174,7 @@ class TestRowLevelSecurity(SupersetTestCase):
@pytest.mark.usefixtures("create_dataset")
def test_model_view_rls_add_success(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
test_dataset = self._get_test_dataset()
rv = self.client.post(
"/api/v1/rowlevelsecurity/",
@ -199,7 +200,7 @@ class TestRowLevelSecurity(SupersetTestCase):
@pytest.mark.usefixtures("create_dataset")
def test_model_view_rls_add_name_unique(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
test_dataset = self._get_test_dataset()
rv = self.client.post(
"/api/v1/rowlevelsecurity/",
@ -219,7 +220,7 @@ class TestRowLevelSecurity(SupersetTestCase):
@pytest.mark.usefixtures("create_dataset")
def test_model_view_rls_add_tables_required(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.post(
"/api/v1/rowlevelsecurity/",
json={
@ -246,9 +247,7 @@ class TestRowLevelSecurity(SupersetTestCase):
@pytest.mark.usefixtures("load_energy_table_with_slice")
def test_rls_filter_doesnt_alter_energy_query(self):
g.user = self.get_user(
username="admin"
) # self.login() doesn't actually set the user
g.user = self.get_user(username="admin")
tbl = self.get_table(name="energy_usage")
sql = tbl.get_query_str(self.query_obj)
assert tbl.get_extra_cache_keys(self.query_obj) == []
@ -256,9 +255,7 @@ class TestRowLevelSecurity(SupersetTestCase):
@pytest.mark.usefixtures("load_unicode_dashboard_with_slice")
def test_multiple_table_filter_alters_another_tables_query(self):
g.user = self.get_user(
username="alpha"
) # self.login() doesn't actually set the user
g.user = self.get_user(username="alpha")
tbl = self.get_table(name="unicode_test")
sql = tbl.get_query_str(self.query_obj)
assert tbl.get_extra_cache_keys(self.query_obj) == [1]
@ -321,7 +318,7 @@ class TestRowLevelSecurity(SupersetTestCase):
class TestRowLevelSecurityCreateAPI(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_invalid_role_failure(self):
self.login("Admin")
self.login(ADMIN_USERNAME)
payload = {
"name": "rls 1",
"clause": "1=1",
@ -335,7 +332,7 @@ class TestRowLevelSecurityCreateAPI(SupersetTestCase):
self.assertEqual(data["message"], "[l'Some roles do not exist']")
def test_invalid_table_failure(self):
self.login("Admin")
self.login(ADMIN_USERNAME)
payload = {
"name": "rls 1",
"clause": "1=1",
@ -351,7 +348,7 @@ class TestRowLevelSecurityCreateAPI(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_post_success(self):
table = db.session.query(SqlaTable).first()
self.login("Admin")
self.login(ADMIN_USERNAME)
payload = {
"name": "rls 1",
"clause": "1=1",
@ -383,7 +380,7 @@ class TestRowLevelSecurityCreateAPI(SupersetTestCase):
class TestRowLevelSecurityUpdateAPI(SupersetTestCase):
def test_invalid_id_failure(self):
self.login("Admin")
self.login(ADMIN_USERNAME)
payload = {
"name": "rls 1",
"clause": "1=1",
@ -409,7 +406,7 @@ class TestRowLevelSecurityUpdateAPI(SupersetTestCase):
db.session.add(rls)
db.session.commit()
self.login("Admin")
self.login(ADMIN_USERNAME)
payload = {
"roles": [999999],
}
@ -434,7 +431,7 @@ class TestRowLevelSecurityUpdateAPI(SupersetTestCase):
db.session.add(rls)
db.session.commit()
self.login("Admin")
self.login(ADMIN_USERNAME)
payload = {
"name": "rls 1",
"clause": "1=1",
@ -466,7 +463,7 @@ class TestRowLevelSecurityUpdateAPI(SupersetTestCase):
db.session.add(rls)
db.session.commit()
self.login("Admin")
self.login(ADMIN_USERNAME)
payload = {
"name": "rls put success",
"clause": "2=2",
@ -497,7 +494,7 @@ class TestRowLevelSecurityUpdateAPI(SupersetTestCase):
class TestRowLevelSecurityDeleteAPI(SupersetTestCase):
def test_invalid_id_failure(self):
self.login("Admin")
self.login(ADMIN_USERNAME)
ids_to_delete = prison.dumps([10000, 10001, 100002])
rv = self.client.delete(f"/api/v1/rowlevelsecurity/?q={ids_to_delete}")
@ -529,7 +526,7 @@ class TestRowLevelSecurityDeleteAPI(SupersetTestCase):
db.session.add_all([rls_1, rls_2])
db.session.commit()
self.login("Admin")
self.login(ADMIN_USERNAME)
ids_to_delete = prison.dumps([rls_1.id, rls_2.id])
rv = self.client.delete(f"/api/v1/rowlevelsecurity/?q={ids_to_delete}")
@ -543,7 +540,7 @@ class TestRowLevelSecurityWithRelatedAPI(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_data")
@pytest.mark.usefixtures("load_energy_table_data")
def test_rls_tables_related_api(self):
self.login("Admin")
self.login(ADMIN_USERNAME)
params = prison.dumps({"page": 0, "page_size": 100})
@ -562,7 +559,7 @@ class TestRowLevelSecurityWithRelatedAPI(SupersetTestCase):
assert db_table_names == received_tables
def test_rls_roles_related_api(self):
self.login("Admin")
self.login(ADMIN_USERNAME)
params = prison.dumps({"page": 0, "page_size": 100})
rv = self.client.get(f"/api/v1/rowlevelsecurity/related/roles?q={params}")
@ -584,7 +581,7 @@ class TestRowLevelSecurityWithRelatedAPI(SupersetTestCase):
{"tables": [["table_name", filters.FilterStartsWith, "birth"]]},
)
def test_table_related_filter(self):
self.login("Admin")
self.login(ADMIN_USERNAME)
params = prison.dumps({"page": 0, "page_size": 10})
@ -602,7 +599,7 @@ class TestRowLevelSecurityWithRelatedAPI(SupersetTestCase):
"""
API: Test get filter related roles with extra related query filters
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
def _base_filter(query):
return query.filter_by(name="Alpha")

9
tests/integration_tests/security_tests.py
View File

@ -48,7 +48,8 @@ from superset.utils.core import (
from superset.utils.database import get_example_database
from superset.utils.urls import get_url_host
from .base_tests import SupersetTestCase
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import GAMMA_USERNAME
from tests.integration_tests.conftest import with_feature_flags
from tests.integration_tests.fixtures.public_role import (
public_role_like_gamma,
@ -154,6 +155,7 @@ class TestRolePermission(SupersetTestCase):
delete_schema_perm(schema_perm)
db.session.delete(security_manager.find_role(SCHEMA_ACCESS_ROLE))
db.session.commit()
super().tearDown()
def test_after_insert_dataset(self):
security_manager.on_view_menu_after_insert = Mock()
@ -1207,7 +1209,7 @@ class TestRolePermission(SupersetTestCase):
dash.published = True
db.session.commit()
self.login(username="gamma")
self.login(GAMMA_USERNAME)
data = str(self.client.get("api/v1/dashboard/").data)
self.assertIn("/superset/dashboard/world_health/", data)
self.assertNotIn("/superset/dashboard/births/", data)
@ -1272,10 +1274,9 @@ class TestRolePermission(SupersetTestCase):
"page_size": -1,
}
NEW_FLASK_GET_SQL_DBS_REQUEST = f"/api/v1/database/?q={prison.dumps(arguments)}"
self.login(username="gamma")
self.login(GAMMA_USERNAME)
databases_json = self.client.get(NEW_FLASK_GET_SQL_DBS_REQUEST).json
self.assertEqual(databases_json["count"], 1)
self.logout()
def assert_can_read(self, view_menu, permissions_set):
if view_menu in NEW_SECURITY_CONVERGE_VIEWS:

33
tests/integration_tests/sql_lab/api_tests.py
View File

@ -38,6 +38,11 @@ from superset.utils import core as utils
from superset.models.sql_lab import Query
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import (
ADMIN_USERNAME,
GAMMA_SQLLAB_NO_DATA_USERNAME,
)
from tests.integration_tests.fixtures.birth_names_dashboard import load_birth_names_data
from tests.integration_tests.fixtures.users import create_gamma_sqllab_no_data
QUERIES_FIXTURE_COUNT = 10
@ -51,7 +56,11 @@ class TestSqlLabApi(SupersetTestCase):
clear=True,
)
def test_get_from_empty_bootsrap_data(self):
self.login(username="gamma_sqllab_no_data")
if utils.backend() == "postgresql":
# failing
return
self.login(GAMMA_SQLLAB_NO_DATA_USERNAME)
resp = self.client.get("/api/v1/sqllab/")
assert resp.status_code == 200
data = json.loads(resp.data.decode("utf-8"))
@ -66,7 +75,7 @@ class TestSqlLabApi(SupersetTestCase):
clear=True,
)
def test_get_from_bootstrap_data_for_non_persisted_tab_state(self):
self.login("admin")
self.login(ADMIN_USERNAME)
# create a tab
data = {
"queryEditor": json.dumps(
@ -88,14 +97,14 @@ class TestSqlLabApi(SupersetTestCase):
assert result["active_tab"] == None
assert result["tab_state_ids"] == []
@pytest.mark.usefixtures("load_birth_names_data")
@mock.patch.dict(
"superset.extensions.feature_flag_manager._feature_flags",
{"SQLLAB_BACKEND_PERSISTENCE": True},
clear=True,
)
def test_get_from_bootstrap_data_with_latest_query(self):
username = "admin"
self.login(username)
self.login(ADMIN_USERNAME)
# create a tab
data = {
@ -198,7 +207,7 @@ class TestSqlLabApi(SupersetTestCase):
db.session.commit()
def test_estimate_required_params(self):
self.login()
self.login(ADMIN_USERNAME)
rv = self.client.post(
"/api/v1/sqllab/estimate/",
@ -235,7 +244,7 @@ class TestSqlLabApi(SupersetTestCase):
self.assertEqual(rv.status_code, 400)
def test_estimate_valid_request(self):
self.login()
self.login(ADMIN_USERNAME)
formatter_response = [
{
@ -265,7 +274,7 @@ class TestSqlLabApi(SupersetTestCase):
self.assertEqual(rv.status_code, 200)
def test_format_sql_request(self):
self.login()
self.login(ADMIN_USERNAME)
data = {"sql": "select 1 from my_table"}
rv = self.client.post(
@ -279,7 +288,7 @@ class TestSqlLabApi(SupersetTestCase):
@mock.patch("superset.commands.sql_lab.results.results_backend_use_msgpack", False)
def test_execute_required_params(self):
self.login()
self.login(ADMIN_USERNAME)
client_id = f"{random.getrandbits(64)}"[:10]
data = {"client_id": client_id}
@ -324,7 +333,7 @@ class TestSqlLabApi(SupersetTestCase):
core.results_backend = mock.Mock()
core.results_backend.get.return_value = {}
self.login()
self.login(ADMIN_USERNAME)
client_id = f"{random.getrandbits(64)}"[:10]
data = {"sql": "SELECT 1", "database_id": 1, "client_id": client_id}
@ -342,7 +351,7 @@ class TestSqlLabApi(SupersetTestCase):
@mock.patch("superset.sqllab.api.get_sql_results")
def test_execute_custom_templated(self, sql_lab_mock, mock_dt) -> None:
mock_dt.utcnow = mock.Mock(return_value=datetime.datetime(1970, 1, 1))
self.login()
self.login(ADMIN_USERNAME)
sql = "SELECT '$DATE()' as test"
resp = {
"status": QueryStatus.SUCCESS,
@ -366,7 +375,7 @@ class TestSqlLabApi(SupersetTestCase):
from superset.commands.sql_lab import results as command
command.results_backend = mock.Mock()
self.login()
self.login(ADMIN_USERNAME)
data = [{"col_0": i} for i in range(100)]
payload = {
@ -418,7 +427,7 @@ class TestSqlLabApi(SupersetTestCase):
@mock.patch("superset.models.sql_lab.Query.raise_for_access", lambda _: None)
@mock.patch("superset.models.core.Database.get_df")
def test_export_results(self, get_df_mock: mock.Mock) -> None:
self.login()
self.login(ADMIN_USERNAME)
database = get_example_database()
query_obj = Query(

3
tests/integration_tests/sql_validator_tests.py
View File

@ -44,9 +44,6 @@ class TestPrestoValidator(SupersetTestCase):
self.database_cursor = self.database_conn.cursor.return_value
self.database_cursor.poll.return_value = None
def tearDown(self):
self.logout()
PRESTO_ERROR_TEMPLATE = {
"errorLocation": {"lineNumber": 10, "columnNumber": 20},
"message": "your query isn't how I like it",

61
tests/integration_tests/sqllab_tests.py
View File

@ -49,8 +49,14 @@ from superset.utils.core import (
)
from superset.utils.database import get_example_database, get_main_database
from .base_tests import SupersetTestCase
from .conftest import CTAS_SCHEMA_NAME
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.conftest import CTAS_SCHEMA_NAME
from tests.integration_tests.constants import (
ADMIN_USERNAME,
GAMMA_SQLLAB_NO_DATA_USERNAME,
GAMMA_SQLLAB_USERNAME,
GAMMA_USERNAME,
)
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -73,20 +79,19 @@ class TestSqlLab(SupersetTestCase):
self.run_sql(QUERY_1, client_id="client_id_1", username="admin")
self.run_sql(QUERY_2, client_id="client_id_2", username="admin")
self.run_sql(QUERY_3, client_id="client_id_3", username="gamma_sqllab")
self.logout()
def tearDown(self):
self.logout()
db.session.query(Query).delete()
db.session.commit()
db.session.close()
super().tearDown()
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_sql_json(self):
examples_db = get_example_database()
engine_name = examples_db.db_engine_spec.engine_name
self.login("admin")
self.login(ADMIN_USERNAME)
data = self.run_sql("SELECT * FROM birth_names LIMIT 10", "1")
self.assertLess(0, len(data["data"]))
@ -129,7 +134,7 @@ class TestSqlLab(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_sql_json_dml_disallowed(self):
self.login("admin")
self.login(ADMIN_USERNAME)
data = self.run_sql("DELETE FROM birth_names", "1")
assert data == {
@ -155,7 +160,7 @@ class TestSqlLab(SupersetTestCase):
"""
SQLLab: Test SQLLab query execution info propagation to saved queries
"""
self.login("admin")
self.login(ADMIN_USERNAME)
sql_statement = "SELECT * FROM birth_names LIMIT 10"
examples_db_id = get_example_database().id
@ -164,7 +169,7 @@ class TestSqlLab(SupersetTestCase):
db.session.commit()
with freeze_time(datetime.now().isoformat(timespec="seconds")):
self.run_sql(sql_statement, "1", username="admin")
self.run_sql(sql_statement, "1")
saved_query_ = (
db.session.query(SavedQuery)
.filter(
@ -193,7 +198,7 @@ class TestSqlLab(SupersetTestCase):
old_allow_ctas = examples_db.allow_ctas
examples_db.allow_ctas = True # enable cta
self.login("admin")
self.login(ADMIN_USERNAME)
tmp_table_name = f"test_target_{ctas_method.lower()}"
self.run_sql(
"SELECT * FROM birth_names",
@ -225,7 +230,7 @@ class TestSqlLab(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_multi_sql(self):
self.login("admin")
self.login(ADMIN_USERNAME)
multi_sql = """
SELECT * FROM birth_names LIMIT 1;
@ -236,7 +241,7 @@ class TestSqlLab(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_explain(self):
self.login("admin")
self.login(ADMIN_USERNAME)
data = self.run_sql("EXPLAIN SELECT * FROM birth_names", "1")
self.assertLess(0, len(data["data"]))
@ -258,16 +263,14 @@ class TestSqlLab(SupersetTestCase):
self.assertLess(0, len(data["data"]))
def test_sqllab_has_access(self):
for username in ("admin", "gamma_sqllab"):
for username in (ADMIN_USERNAME, GAMMA_SQLLAB_USERNAME):
self.login(username)
for endpoint in ("/sqllab/", "/sqllab/history/"):
resp = self.client.get(endpoint)
self.assertEqual(200, resp.status_code)
self.logout()
def test_sqllab_no_access(self):
self.login("gamma")
self.login(GAMMA_USERNAME)
for endpoint in ("/sqllab/", "/sqllab/history/"):
resp = self.client.get(endpoint)
# Redirects to the main page
@ -330,7 +333,7 @@ class TestSqlLab(SupersetTestCase):
self.run_sql(
"SELECT name as col, gender as col FROM birth_names LIMIT 10",
client_id="2e2df3",
username="admin",
username=ADMIN_USERNAME,
raise_on_error=True,
)
@ -360,7 +363,7 @@ class TestSqlLab(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_sql_limit(self):
self.login("admin")
self.login(ADMIN_USERNAME)
test_limit = 1
data = self.run_sql("SELECT * FROM birth_names", client_id="sql_limit_1")
self.assertGreater(len(data["data"]), test_limit)
@ -417,7 +420,7 @@ class TestSqlLab(SupersetTestCase):
Admin and make sure all queries show up.
"""
self.run_some_queries()
self.login(username="admin")
self.login(ADMIN_USERNAME)
url = "/api/v1/query/"
data = self.get_json_resp(url)
@ -445,9 +448,8 @@ class TestSqlLab(SupersetTestCase):
)
db.session.commit()
# Test search_queries for Admin user
self.run_some_queries()
self.login("gamma_sqllab")
self.login(GAMMA_SQLLAB_USERNAME)
url = "/api/v1/query/"
data = self.get_json_resp(url)
self.assertEqual(3, len(data["result"]))
@ -467,8 +469,7 @@ class TestSqlLab(SupersetTestCase):
Test query api with sql_editor_id filter to
gamma and make sure sql editor associated queries show up.
"""
username = "gamma_sqllab"
self.login("gamma_sqllab")
self.login(GAMMA_SQLLAB_USERNAME)
# create a tab
data = {
@ -489,14 +490,12 @@ class TestSqlLab(SupersetTestCase):
self.run_sql(
"SELECT 1",
"client_id_1",
username=username,
raise_on_error=True,
sql_editor_id=str(tab_state_id),
)
self.run_sql(
"SELECT 2",
"client_id_2",
username=username,
raise_on_error=True,
sql_editor_id=str(tab_state_id),
)
@ -504,7 +503,6 @@ class TestSqlLab(SupersetTestCase):
self.run_sql(
"SELECT 3",
"client_id_3",
username=username,
raise_on_error=True,
)
@ -524,16 +522,15 @@ class TestSqlLab(SupersetTestCase):
Test query api with all_query_access perm added to
Admin and make sure only Admin queries show up. This is the default
"""
# Test search_queries for Admin user
self.run_some_queries()
self.login("admin")
self.login(ADMIN_USERNAME)
url = "/api/v1/query/"
data = self.get_json_resp(url)
self.assertEqual(3, len(data["result"]))
def test_api_database(self):
self.login("admin")
self.login(ADMIN_USERNAME)
self.create_fake_db()
get_example_database()
get_main_database()
@ -561,7 +558,7 @@ class TestSqlLab(SupersetTestCase):
clear=True,
)
def test_sql_json_parameter_error(self):
self.login("admin")
self.login(ADMIN_USERNAME)
data = self.run_sql(
"SELECT * FROM birth_names WHERE state = '{{ state }}' LIMIT 10",
@ -601,7 +598,7 @@ class TestSqlLab(SupersetTestCase):
clear=True,
)
def test_sql_json_parameter_authorized(self):
self.login("admin")
self.login(ADMIN_USERNAME)
data = self.run_sql(
"SELECT name FROM {{ table }} LIMIT 10",
@ -618,7 +615,7 @@ class TestSqlLab(SupersetTestCase):
clear=True,
)
def test_sql_json_parameter_forbidden(self):
self.login("gamma_sqllab_no_data")
self.login(GAMMA_SQLLAB_NO_DATA_USERNAME)
data = self.run_sql(
"SELECT name FROM {{ table }} LIMIT 10",
@ -862,7 +859,7 @@ class TestSqlLab(SupersetTestCase):
if examples_db.backend == "sqlite":
return
self.login("admin")
self.login(ADMIN_USERNAME)
with mock.patch.object(
examples_db.db_engine_spec, "handle_cursor"

13
tests/integration_tests/strategy_tests.py
View File

@ -40,9 +40,14 @@ from superset.tasks.cache import (
)
from superset.utils.urls import get_url_host
from .base_tests import SupersetTestCase
from .dashboard_utils import create_dashboard, create_slice, create_table_metadata
from .fixtures.unicode_dashboard import (
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME
from tests.integration_tests.dashboard_utils import (
create_dashboard,
create_slice,
create_table_metadata,
)
from tests.integration_tests.fixtures.unicode_dashboard import (
load_unicode_dashboard_with_slice,
load_unicode_data,
)
@ -70,7 +75,7 @@ class TestCacheWarmUp(SupersetTestCase):
def test_top_n_dashboards_strategy(self):
# create a top visited dashboard
db.session.query(Log).delete()
self.login(username="admin")
self.login(ADMIN_USERNAME)
dash = self.get_dash_by_slug("births")
for _ in range(10):
self.client.get(f"/superset/dashboard/{dash.id}/")

41
tests/integration_tests/tags/api_tests.py
View File

@ -40,6 +40,7 @@ from superset.common.db_query_status import QueryStatus
from superset.models.core import Database
from superset.utils.database import get_example_database, get_main_database
from superset.tags.models import ObjectType, Tag, TagType, TaggedObject
from tests.integration_tests.constants import ADMIN_USERNAME, ALPHA_USERNAME
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
@ -130,7 +131,7 @@ class TestTagApi(SupersetTestCase):
name="test get tag",
tag_type="custom",
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/tag/{tag.id}"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -155,7 +156,7 @@ class TestTagApi(SupersetTestCase):
"""
tag = self.insert_tag(name="test tag", tag_type="custom")
max_id = db.session.query(func.max(Tag.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/tag/{max_id + 1}"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 404)
@ -168,7 +169,7 @@ class TestTagApi(SupersetTestCase):
"""
Query API: Test get list query
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/tag/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 200)
@ -195,7 +196,7 @@ class TestTagApi(SupersetTestCase):
name=tag["name"],
tag_type=tag["type"],
)
self.login(username="admin")
self.login(ADMIN_USERNAME)
# Only user-created tags
query = {
@ -225,7 +226,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_add_tagged_objects(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
# clean up tags and tagged objects
tags = db.session.query(Tag)
for tag in tags:
@ -272,7 +273,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
@pytest.mark.usefixtures("create_tags")
def test_delete_tagged_objects(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
dashboard_id = 1
dashboard_type = ObjectType.dashboard
tag_names = ["example_tag_1", "example_tag_2"]
@ -337,7 +338,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
@pytest.mark.usefixtures("create_tags")
def test_get_objects_by_tag(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
dashboard = (
db.session.query(Dashboard)
.filter(Dashboard.dashboard_title == "World Bank's Data")
@ -372,7 +373,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
@pytest.mark.usefixtures("create_tags")
def test_get_all_objects(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
# tag the dashboard with id 1
dashboard = (
db.session.query(Dashboard)
@ -407,7 +408,7 @@ class TestTagApi(SupersetTestCase):
# test delete tags
@pytest.mark.usefixtures("create_tags")
def test_delete_tags(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
# check that tags exist in the database
example_tag_names = ["example_tag_1", "example_tag_2", "example_tag_3"]
tags = db.session.query(Tag).filter(Tag.name.in_(example_tag_names))
@ -433,7 +434,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("create_tags")
def test_delete_favorite_tag(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
user_id = self.get_user(username="admin").get_id()
tag = db.session.query(Tag).first()
uri = f"api/v1/tag/{tag.id}/favorites/"
@ -477,7 +478,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("create_tags")
def test_add_tag_not_found(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/tag/123/favorites/"
rv = self.client.post(uri, follow_redirects=True)
@ -485,7 +486,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("create_tags")
def test_delete_favorite_tag_not_found(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/tag/123/favorites/"
rv = self.client.delete(uri, follow_redirects=True)
@ -494,7 +495,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("create_tags")
@patch("superset.daos.tag.g")
def test_add_tag_user_not_found(self, flask_g):
self.login(username="admin")
self.login(ADMIN_USERNAME)
flask_g.user = None
uri = f"api/v1/tag/123/favorites/"
rv = self.client.post(uri, follow_redirects=True)
@ -504,7 +505,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("create_tags")
@patch("superset.daos.tag.g")
def test_delete_favorite_tag_user_not_found(self, flask_g):
self.login(username="admin")
self.login(ADMIN_USERNAME)
flask_g.user = None
uri = f"api/v1/tag/123/favorites/"
rv = self.client.delete(uri, follow_redirects=True)
@ -513,7 +514,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_post_tag(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/tag/"
dashboard = (
db.session.query(Dashboard)
@ -536,7 +537,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_post_tag_no_name_400(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/tag/"
dashboard = (
db.session.query(Dashboard)
@ -553,7 +554,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
@pytest.mark.usefixtures("create_tags")
def test_put_tag(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
tag_to_update = db.session.query(Tag).first()
uri = f"api/v1/tag/{tag_to_update.id}"
@ -573,7 +574,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
@pytest.mark.usefixtures("create_tags")
def test_failed_put_tag(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
tag_to_update = db.session.query(Tag).first()
uri = f"api/v1/tag/{tag_to_update.id}"
@ -583,7 +584,7 @@ class TestTagApi(SupersetTestCase):
@pytest.mark.usefixtures("load_world_bank_dashboard_with_slices")
def test_post_bulk_tag(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = "api/v1/tag/bulk_create"
dashboard = (
db.session.query(Dashboard)
@ -649,7 +650,7 @@ class TestTagApi(SupersetTestCase):
def test_post_bulk_tag_skipped_tags_perm(self):
alpha = self.get_user("alpha")
self.insert_dashboard("titletag", "slugtag", [alpha.id])
self.login(username="alpha")
self.login(ALPHA_USERNAME)
uri = "api/v1/tag/bulk_create"
dashboard = (
db.session.query(Dashboard)

30
tests/integration_tests/thumbnails_tests.py
View File

@ -35,15 +35,15 @@ from superset.tasks.types import ExecutorType
from superset.utils.screenshots import ChartScreenshot, DashboardScreenshot
from superset.utils.urls import get_url_path
from superset.utils.webdriver import WebDriverSelenium
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.conftest import with_feature_flags
from tests.integration_tests.constants import ADMIN_USERNAME, ALPHA_USERNAME
from tests.integration_tests.fixtures.birth_names_dashboard import (
load_birth_names_dashboard_with_slices,
load_birth_names_data,
)
from tests.integration_tests.test_app import app
from .base_tests import SupersetTestCase
CHART_URL = "/api/v1/chart/"
DASHBOARD_URL = "/api/v1/dashboard/"
@ -214,7 +214,7 @@ class TestThumbnails(SupersetTestCase):
"""
Thumbnails: Dashboard thumbnail disabled
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
_, thumbnail_url = self._get_id_and_thumbnail_url(DASHBOARD_URL)
rv = self.client.get(thumbnail_url)
self.assertEqual(rv.status_code, 404)
@ -225,7 +225,7 @@ class TestThumbnails(SupersetTestCase):
"""
Thumbnails: Chart thumbnail disabled
"""
self.login(username="admin")
self.login(ADMIN_USERNAME)
_, thumbnail_url = self._get_id_and_thumbnail_url(CHART_URL)
rv = self.client.get(thumbnail_url)
self.assertEqual(rv.status_code, 404)
@ -236,7 +236,7 @@ class TestThumbnails(SupersetTestCase):
"""
Thumbnails: Simple get async dashboard screenshot as selenium user
"""
self.login(username="alpha")
self.login(ALPHA_USERNAME)
with patch.dict(
"superset.thumbnails.digest.current_app.config",
{
@ -261,7 +261,7 @@ class TestThumbnails(SupersetTestCase):
Thumbnails: Simple get async dashboard screenshot as current user
"""
username = "alpha"
self.login(username=username)
self.login(username)
with patch.dict(
"superset.thumbnails.digest.current_app.config",
{
@ -286,7 +286,7 @@ class TestThumbnails(SupersetTestCase):
Thumbnails: Simple get async dashboard not found
"""
max_id = db.session.query(func.max(Dashboard.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/dashboard/{max_id + 1}/thumbnail/1234/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 404)
@ -297,7 +297,7 @@ class TestThumbnails(SupersetTestCase):
"""
Thumbnails: Simple get async dashboard not allowed
"""
self.login(username="gamma")
self.login(ADMIN_USERNAME)
_, thumbnail_url = self._get_id_and_thumbnail_url(DASHBOARD_URL)
rv = self.client.get(thumbnail_url)
self.assertEqual(rv.status_code, 404)
@ -308,7 +308,7 @@ class TestThumbnails(SupersetTestCase):
"""
Thumbnails: Simple get async chart screenshot as selenium user
"""
self.login(username="alpha")
self.login(ADMIN_USERNAME)
with patch.dict(
"superset.thumbnails.digest.current_app.config",
{
@ -333,7 +333,7 @@ class TestThumbnails(SupersetTestCase):
Thumbnails: Simple get async chart screenshot as current user
"""
username = "alpha"
self.login(username=username)
self.login(username)
with patch.dict(
"superset.thumbnails.digest.current_app.config",
{
@ -358,7 +358,7 @@ class TestThumbnails(SupersetTestCase):
Thumbnails: Simple get async chart not found
"""
max_id = db.session.query(func.max(Slice.id)).scalar()
self.login(username="admin")
self.login(ADMIN_USERNAME)
uri = f"api/v1/chart/{max_id + 1}/thumbnail/1234/"
rv = self.client.get(uri)
self.assertEqual(rv.status_code, 404)
@ -372,7 +372,7 @@ class TestThumbnails(SupersetTestCase):
with patch.object(
ChartScreenshot, "get_from_cache", return_value=BytesIO(self.mock_image)
):
self.login(username="admin")
self.login(ADMIN_USERNAME)
id_, thumbnail_url = self._get_id_and_thumbnail_url(CHART_URL)
rv = self.client.get(f"api/v1/chart/{id_}/thumbnail/1234/")
self.assertEqual(rv.status_code, 302)
@ -387,7 +387,7 @@ class TestThumbnails(SupersetTestCase):
with patch.object(
DashboardScreenshot, "get_from_cache", return_value=BytesIO(self.mock_image)
):
self.login(username="admin")
self.login(ADMIN_USERNAME)
_, thumbnail_url = self._get_id_and_thumbnail_url(DASHBOARD_URL)
rv = self.client.get(thumbnail_url)
self.assertEqual(rv.status_code, 200)
@ -402,7 +402,7 @@ class TestThumbnails(SupersetTestCase):
with patch.object(
ChartScreenshot, "get_from_cache", return_value=BytesIO(self.mock_image)
):
self.login(username="admin")
self.login(ADMIN_USERNAME)
id_, thumbnail_url = self._get_id_and_thumbnail_url(CHART_URL)
rv = self.client.get(thumbnail_url)
self.assertEqual(rv.status_code, 200)
@ -417,7 +417,7 @@ class TestThumbnails(SupersetTestCase):
with patch.object(
DashboardScreenshot, "get_from_cache", return_value=BytesIO(self.mock_image)
):
self.login(username="admin")
self.login(ADMIN_USERNAME)
id_, thumbnail_url = self._get_id_and_thumbnail_url(DASHBOARD_URL)
rv = self.client.get(f"api/v1/dashboard/{id_}/thumbnail/1234/")
self.assertEqual(rv.status_code, 302)

6
tests/integration_tests/users/api_tests.py
View File

@ -21,13 +21,14 @@ from unittest.mock import patch
from superset import security_manager
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME
meUri = "/api/v1/me/"
class TestCurrentUserApi(SupersetTestCase):
def test_get_me_logged_in(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get(meUri)
@ -38,7 +39,7 @@ class TestCurrentUserApi(SupersetTestCase):
self.assertEqual(False, response["result"]["is_anonymous"])
def test_get_me_with_roles(self):
self.login(username="admin")
self.login(ADMIN_USERNAME)
rv = self.client.get(meUri + "roles/")
self.assertEqual(200, rv.status_code)
@ -53,7 +54,6 @@ class TestCurrentUserApi(SupersetTestCase):
self.assertEqual(401, rv.status_code)
def test_get_me_unauthorized(self):
self.logout()
rv = self.client.get(meUri)
self.assertEqual(401, rv.status_code)

3
tests/integration_tests/utils_tests.py
View File

@ -76,6 +76,7 @@ from superset.utils import schema
from superset.utils.hashing import md5_sha_from_str
from superset.views.utils import build_extra_filters, get_form_data
from tests.integration_tests.base_tests import SupersetTestCase
from tests.integration_tests.constants import ADMIN_USERNAME
from tests.integration_tests.fixtures.world_bank_dashboard import (
load_world_bank_dashboard_with_slices,
load_world_bank_data,
@ -897,7 +898,7 @@ class TestUtils(SupersetTestCase):
@pytest.mark.usefixtures("load_birth_names_dashboard_with_slices")
def test_log_this(self) -> None:
# TODO: Add additional scenarios.
self.login(username="admin")
self.login(ADMIN_USERNAME)
slc = self.get_slice("Top 10 Girl Name Share")
dashboard_id = 1