iop
/
superset
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: Include RLS filters for cache keys (#10805) 

* Fix: Include RLS filters for cache keys

This fix makes sure that RLS filters are searched for templatable jinja content, ensuring cached visualizations aren't shown to the wrong user.

* Fix: Include RLS filters for cache keys

This fix makes sure that RLS filters are searched for templatable jinja content, ensuring cached visualizations aren't shown to the wrong user.

Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>

Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>
This commit is contained in:
gtg472b 2020-09-07 08:49:13 -06:00 committed by GitHub
parent 92f2353f80
commit 702cfe938f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
superset/connectors/sqla/models.py
View File

@ -1454,6 +1454,10 @@ class SqlaTable( # pylint: disable=too-many-public-methods,too-many-instance-at
templatable_statements.append(extras["where"]) templatable_statements.append(extras["where"])
if "having" in extras: if "having" in extras:
templatable_statements.append(extras["having"]) templatable_statements.append(extras["having"])
if config["ENABLE_ROW_LEVEL_SECURITY"] and self.is_rls_supported:
templatable_statements += [
f.clause for f in security_manager.get_rls_filters(self)
]
for statement in templatable_statements: for statement in templatable_statements:
if ExtraCache.regex.search(statement): if ExtraCache.regex.search(statement):
return True return True