jprdonnelly/redash
1
0
Fork 0
mirror of https://github.com/getredash/redash.git synced 2025-12-25 10:00:45 -05:00
Code Issues Projects Releases Wiki Activity

Feature: new permissions system

Browse Source 
This is one huge change for the permissions system and related:

* (Backward incompatible:) Remove the table based permissions in favour of the new model.
* Manage permission to view or query datasources based on groups.
* Add the concept of Organization. It's irrelevant for most deployments, but allows for
  multi-tenant support in re:dash.
* Replace ActivityLog with Event based rows (old data in activity_log table is retained).
* Enforce permissions on the server-side. There were some permissions that were only enforced
  on the client side. This is no more. All permissions are enforced by the server.
* Added new permission: 'super-admin' to access the status and Flask-Admin interface.
* Make sure that html is never cached by the browser - this is to make sure that the browser
  will always ask for the new Javascript/CSS resources (if such are available).
This commit is contained in:
Arik Fraimovich
2015-12-01 15:44:08 +02:00
parent 6e32f5b9f2
commit f7b57fa580
93 changed files with 2430 additions and 1458 deletions
Download Patch File Download Diff File Expand all files Collapse all files

152
tests/factories.py
View File

@@ -40,18 +40,22 @@ class Sequence(object):
user_factory = ModelFactory(redash.models.User,
name='John Doe', email=Sequence('test{}@example.com'),
groups=['default'])
groups=[2],
org=1)
org_factory = ModelFactory(redash.models.Organization,
name=Sequence("Org {}"),
domain=Sequence("org{}.example.com"),
settings={})
data_source_factory = ModelFactory(redash.models.DataSource,
name=Sequence('Test {}'),
type='pg',
options='{"dbname": "test"}')
options='{"dbname": "test"}',
org=1)
dashboard_factory = ModelFactory(redash.models.Dashboard,
name='test', user=user_factory.create, layout='[]')
name='test', user=user_factory.create, layout='[]', org=1)
query_factory = ModelFactory(redash.models.Query,
name='New Query',
@@ -60,7 +64,14 @@ query_factory = ModelFactory(redash.models.Query,
user=user_factory.create,
is_archived=False,
schedule=None,
data_source=data_source_factory.create)
data_source=data_source_factory.create,
org=1)
alert_factory = ModelFactory(redash.models.Alert,
name=Sequence('Alert {}'),
query=query_factory.create,
user=user_factory.create,
options={})
query_result_factory = ModelFactory(redash.models.QueryResult,
data='{"columns":{}, "rows":[]}',
@@ -68,7 +79,8 @@ query_result_factory = ModelFactory(redash.models.QueryResult,
retrieved_at=utcnow,
query="SELECT 1",
query_hash=gen_query_hash('SELECT 1'),
data_source=data_source_factory.create)
data_source=data_source_factory.create,
org=1)
visualization_factory = ModelFactory(redash.models.Visualization,
type='CHART',
@@ -83,3 +95,129 @@ widget_factory = ModelFactory(redash.models.Widget,
options='{}',
dashboard=dashboard_factory.create,
visualization=visualization_factory.create)
class Factory(object):
def __init__(self):
self.org, self.admin_group, self.default_group = redash.models.init_db()
self.org.domain = "org0.example.org"
self.org.save()
self.data_source = data_source_factory.create(org=self.org)
self.user = self.create_user()
redash.models.DataSourceGroup.create(group=self.default_group, data_source=self.data_source)
def create_org(self, **kwargs):
org = org_factory.create(**kwargs)
self.create_group(org=org, type=redash.models.Group.BUILTIN_GROUP, name="default")
self.create_group(org=org, type=redash.models.Group.BUILTIN_GROUP, name="admin", permissions=["admin"])
return org
def create_user(self, **kwargs):
args = {
'org': self.org,
'groups': [self.default_group.id]
}
if 'org' in kwargs:
args['groups'] = [kwargs['org'].default_group.id]
args.update(kwargs)
return user_factory.create(**args)
def create_admin(self, **kwargs):
args = {
'org': self.org,
'groups': [self.admin_group.id, self.default_group.id]
}
if 'org' in kwargs:
args['groups'] = [kwargs['org'].default_group.id, kwargs['org'].admin_group.id]
args.update(kwargs)
return user_factory.create(**args)
def create_group(self, **kwargs):
args = {
'name': 'Group',
'org': self.org
}
args.update(kwargs)
return redash.models.Group.create(**args)
def create_alert(self, **kwargs):
args = {
'user': self.user,
'query': self.create_query()
}
args.update(**kwargs)
return alert_factory.create(**args)
def create_data_source(self, **kwargs):
args = {
'org': self.org
}
args.update(kwargs)
if 'group' in kwargs and 'org' not in kwargs:
args['org'] = kwargs['group'].org
data_source = data_source_factory.create(**args)
if 'group' in kwargs:
permissions = kwargs.pop('permissions', ['create', 'view'])
redash.models.DataSourceGroup.create(group=kwargs['group'],
data_source=data_source,
permissions=permissions)
return data_source
def create_dashboard(self, **kwargs):
args = {
'user': self.user,
'org': self.org
}
args.update(kwargs)
return dashboard_factory.create(**args)
def create_query(self, **kwargs):
args = {
'user': self.user,
'data_source': self.data_source,
'org': self.org
}
args.update(kwargs)
return query_factory.create(**args)
def create_query_result(self, **kwargs):
args = {
'data_source': self.data_source,
}
args.update(kwargs)
if 'data_source' in args and 'org' not in args:
args['org'] = args['data_source'].org_id
return query_result_factory.create(**args)
def create_visualization(self, **kwargs):
args = {
'query': self.create_query()
}
args.update(kwargs)
return visualization_factory.create(**args)
def create_widget(self, **kwargs):
args = {
'dashboard': self.create_dashboard(),
'visualization': self.create_visualization()
}
args.update(kwargs)
return widget_factory.create(**args)