Make sure anonymous user with proper permissions can access data#415
Conversation
|
Coverage increased (+0.4%) to 81.353% when pulling 33f04ddcbfffdd9f8358e65c3ae75f42280963bd on asydorchuk:master into 77e4d4b on airbnb:master. |
|
This is great overall! I like the idea but I'm more concerned about testing public not having access to slices and dashboards. Maybe the tests should give access to only one dataset and confirm that only that dataset is accessible. We may want to add a configuration flag |
|
Let me know if you want to take on |
|
Coverage increased (+0.4%) to 81.353% when pulling d33accb66fe41d26d5f376c54088a18ca19eb45b on asydorchuk:master into 77e4d4b on airbnb:master. |
|
I agree about testing public not having access to the specific slices or dashboards. Going to add more tests. Regarding PUBLIC_ROLE_LIKE_GAMMA flag, let's have it as a separate pull request. |
|
Coverage increased (+0.4%) to 81.369% when pulling 8c00ab15c1a389c80878b057835081775261d23a on asydorchuk:master into 77e4d4b on airbnb:master. |
|
@mistercrunch please have another look. In order to make the tests work, I needed to replace lazy_gettext with gettext method for flashing translations. The issue and behavior I was getting otherwise is described here: pallets/flask#812 |
|
Ok this is good! I'm planning on adding support for role definition as part of the configurations in the near future. |
|
Thanks! Config role definitions sounds like a great addition. We use puppet in our organization and that would simplify caravel setup on service machines. I am going to prepare a separate pull request for PUBLIC_ROLE_LIKE_GAMMA flag. |
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 10.1.3 to 10.2.0. - [Release notes](https://github.com/okonet/lint-staged/releases) - [Commits](lint-staged/lint-staged@v10.1.3...v10.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 10.1.3 to 10.2.0. - [Release notes](https://github.com/okonet/lint-staged/releases) - [Commits](lint-staged/lint-staged@v10.1.3...v10.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 10.1.3 to 10.2.0. - [Release notes](https://github.com/okonet/lint-staged/releases) - [Commits](lint-staged/lint-staged@v10.1.3...v10.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 10.1.3 to 10.2.0. - [Release notes](https://github.com/okonet/lint-staged/releases) - [Commits](lint-staged/lint-staged@v10.1.3...v10.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
mistercrunch
added
🏷️ bot
…che#415) * Make sure anonymous user with proper permissions can access data * Review fixes: naming changes * Review fixes: add more granular tests for public user dashboard access * Review fixes: test that public user has access only to permitted data sets
4 participants
The current implementation will throw exception when listing or accessing dashboards for the anonymous user that belongs to Public role and has proper permissions, because id and roles properties are not defined for flask AnonymousUserMixin.