From 702cfe938f941ec5492de1eb544e1c1b44d51ec0 Mon Sep 17 00:00:00 2001 From: gtg472b Date: Mon, 7 Sep 2020 08:49:13 -0600 Subject: [PATCH] Fix: Include RLS filters for cache keys (#10805) * Fix: Include RLS filters for cache keys This fix makes sure that RLS filters are searched for templatable jinja content, ensuring cached visualizations aren't shown to the wrong user. * Fix: Include RLS filters for cache keys This fix makes sure that RLS filters are searched for templatable jinja content, ensuring cached visualizations aren't shown to the wrong user. Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com> Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com> --- superset/connectors/sqla/models.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/superset/connectors/sqla/models.py b/superset/connectors/sqla/models.py index 601a69ddb..667c9d4a3 100644 --- a/superset/connectors/sqla/models.py +++ b/superset/connectors/sqla/models.py @@ -1454,6 +1454,10 @@ class SqlaTable( # pylint: disable=too-many-public-methods,too-many-instance-at templatable_statements.append(extras["where"]) if "having" in extras: templatable_statements.append(extras["having"]) + if config["ENABLE_ROW_LEVEL_SECURITY"] and self.is_rls_supported: + templatable_statements += [ + f.clause for f in security_manager.get_rls_filters(self) + ] for statement in templatable_statements: if ExtraCache.regex.search(statement): return True