Skip to content

Commit

Permalink
Programatically sync the role with user list. (apache#1619)
Browse files Browse the repository at this point in the history
  • Loading branch information
bkyryliuk authored Nov 21, 2016
1 parent 868e5c4 commit c90dd49
Show file tree
Hide file tree
Showing 3 changed files with 65 additions and 0 deletions.
1 change: 1 addition & 0 deletions superset/security.py
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@
'can_sync_druid_source',
'can_override_role_permissions',
'can_approve',
'can_update_role',
}
READ_ONLY_PERMISSION = {
'can_show',
Expand Down
16 changes: 16 additions & 0 deletions superset/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -1108,6 +1108,22 @@ def msg(self):

class Superset(BaseSupersetView):
"""The base views for Superset!"""
@has_access_api
@expose("/update_role/", methods=['POST'])
def update_role(self):
"""Assigns a list of found users to the given role."""
data = request.get_json(force=True)
user_emails = data['user_emails']
role_name = data['role_name']
role = sm.find_role(role_name)
role.user = []
for user_email in user_emails:
user = sm.find_user(email=user_email)
if user:
role.user.append(user)
db.session.commit()
return Response(status=201)

@has_access_api
@expose("/override_role_permissions/", methods=['POST'])
def override_role_permissions(self):
Expand Down
48 changes: 48 additions & 0 deletions tests/access_tests.py
Original file line number Diff line number Diff line change
Expand Up @@ -348,6 +348,54 @@ def test_request_access(self):
gamma_user.roles.remove(sm.find_role('dummy_role'))
session.commit()

def test_update_role_do_not_exist(self):
update_role_str = 'update_me'
update_role = sm.find_role(update_role_str)
if update_role:
db.session.delete(update_role)
db.session.commit()
with self.assertRaises(AttributeError):
self.get_resp(
'/superset/update_role/',
data=json.dumps({
'user_emails': ['[email protected]'],
'role_name': update_role_str,
})
)

def test_update_role(self):
update_role_str = 'update_me'
sm.add_role(update_role_str)
db.session.commit()
resp = self.client.post(
'/superset/update_role/',
data=json.dumps({
'user_emails': ['[email protected]'],
'role_name': update_role_str
}),
follow_redirects=True
)
update_role = sm.find_role(update_role_str)
self.assertEquals(
update_role.user, [sm.find_user(email='[email protected]')])
self.assertEquals(resp.status_code, 201)

resp = self.client.post(
'/superset/update_role/',
data=json.dumps({
'user_emails': ['[email protected]', '[email protected]'],
'role_name': update_role_str
}),
follow_redirects=True
)
self.assertEquals(resp.status_code, 201)
update_role = sm.find_role(update_role_str)
self.assertEquals(
update_role.user, [sm.find_user(email='[email protected]')])

db.session.delete(update_role)
db.session.commit()


if __name__ == '__main__':
unittest.main()

0 comments on commit c90dd49

Please sign in to comment.