iop
/
superset
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: css template permissions for gamma role (#23083)

This commit is contained in:
Daniel Vaz Gaspar 2023-02-15 15:26:02 +00:00 committed by GitHub
parent e5a4c78dc7
commit c39cf36d27
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
superset/security/manager.py
View File

@ -164,6 +164,7 @@ class SupersetSecurityManager( # pylint: disable=too-many-public-methods
GAMMA_READ_ONLY_MODEL_VIEWS = {
"Dataset",
"Datasource",
"CssTemplate",
} | READ_ONLY_MODEL_VIEWS
ADMIN_ONLY_VIEW_MENUS = {

16
tests/integration_tests/security_tests.py
View File

@ -1328,13 +1328,26 @@ class TestRolePermission(SupersetTestCase):
def assert_can_menu(self, view_menu, permissions_set):
self.assertIn(("menu_access", view_menu), permissions_set)
def assert_cannot_menu(self, view_menu, permissions_set):
self.assertNotIn(("menu_access", view_menu), permissions_set)
def assert_cannot_gamma(self, perm_set):
self.assert_cannot_write("CssTemplate", perm_set)
self.assert_cannot_menu("CSS Templates", perm_set)
self.assert_cannot_menu("Manage", perm_set)
self.assert_cannot_menu("Queries", perm_set)
self.assert_cannot_menu("Import dashboards", perm_set)
self.assert_cannot_menu("Upload a CSV", perm_set)
self.assert_cannot_menu("ReportSchedule", perm_set)
self.assert_cannot_menu("Alerts & Report", perm_set)
def assert_can_gamma(self, perm_set):
self.assert_can_read("CssTemplate", perm_set)
self.assert_can_read("Dataset", perm_set)
# make sure that user can create slices and dashboards
self.assert_can_all("Dashboard", perm_set)
self.assert_can_all("Chart", perm_set)
self.assertIn(("can_add_slices", "Superset"), perm_set)
self.assertIn(("can_copy_dash", "Superset"), perm_set)
self.assertIn(("can_created_dashboards", "Superset"), perm_set)
@ -1477,6 +1490,7 @@ class TestRolePermission(SupersetTestCase):
def test_gamma_permissions_basic(self):
self.assert_can_gamma(get_perm_tuples("Gamma"))
self.assert_cannot_alpha(get_perm_tuples("Gamma"))
self.assert_cannot_gamma(get_perm_tuples("Gamma"))
@pytest.mark.usefixtures("public_role_like_gamma")
def test_public_permissions_basic(self):