superset详解(七)--报表/看板权限
程序员文章站
2024-02-13 17:40:16
...
这里我们说的访问报表和看板的权限都是对于普通用户来说的。
报表权限
superset的报表是根据datasource_access权限来确定的,也就是说如果你有某个表的权限,那么与这个表相关的报表你都可以访问。
class SliceFilter(SupersetFilter):
def apply(self, query, func): # noqa
if security_manager.all_datasource_access():
return query
# TODO(bogdan): add `schema_access` support here
datasource_perms = self.get_view_menus('datasource_access')
query = (
query.outerjoin(SQLTable, self.model.datasource_id == SQLTable.c.id)
.outerjoin(models.Database, models.Database.id == SQLTable.c.database_id)
.filter(or_(
models.Database.perm.in_(datasource_perms),
self.model.perm.in_(datasource_perms),
))
)
return query
看板权限
看板是有2方面来限制的,如果你拥有这个看板,你就可以看到这个看板;另一个是根据datasource_access来确定你可以访问的报表,然后有报表找到所关联的看板
class DashboardFilter(SupersetFilter):
"""List dashboards for which users have access to at least one slice or are owners"""
def apply(self, query, func): # noqa
if security_manager.all_datasource_access():
return query
Slice = models.Slice # noqa
Dash = models.Dashboard # noqa
User = security_manager.user_model
# TODO(bogdan): add `schema_access` support here
datasource_perms = self.get_view_menus('datasource_access')
slice_ids_qry = (
db.session
.query(Slice.id)
.outerjoin(SQLTable, Slice.datasource_id == SQLTable.c.id)
.outerjoin(models.Database, models.Database.id == SQLTable.c.database_id)
.filter(or_(
models.Database.perm.in_(datasource_perms),
Slice.perm.in_(datasource_perms),
))
)
owner_ids_qry = (
db.session
.query(Dash.id)
.join(Dash.owners)
.filter(User.id == User.get_user_id())
)
query = query.filter(
or_(Dash.id.in_(
db.session.query(Dash.id)
.distinct()
.join(Dash.slices)
.filter(Slice.id.in_(slice_ids_qry)),
), Dash.id.in_(owner_ids_qry)),
)
return query