remove expose

setup.py

@@ -140,7 +140,7 @@ def get_git_sha() -> str:
         "excel": ["xlrd>=1.2.0, <1.3"],
         "firebird": ["sqlalchemy-firebird>=0.7.0, <0.8"],
         "firebolt": ["firebolt-sqlalchemy>=0.0.1"],
-        "gsheets": ["shillelagh[gsheetsapi]>=1.0.11, <2"],
+        "gsheets": ["shillelagh[gsheetsapi]>=1.0.3, <2"],
         "hana": ["hdbcli==2.4.162", "sqlalchemy_hana==0.4.0"],
         "hive": ["pyhive[hive]>=0.6.1", "tableschema", "thrift>=0.11.0, <1.0.0"],
         "impala": ["impyla>0.16.2, <0.17"],
@@ -157,7 +157,7 @@ def get_git_sha() -> str:
         "redshift": ["sqlalchemy-redshift>=0.8.1, < 0.9"],
         "rockset": ["rockset>=0.7.68, <0.8"],
         "shillelagh": [
-            "shillelagh[datasetteapi,gsheetsapi,socrata,weatherapi]>=1.0.11, <2"
+            "shillelagh[datasetteapi,gsheetsapi,socrata,weatherapi]>=1.0.3, <2"
         ],
         "snowflake": [
             "snowflake-sqlalchemy==1.2.4"

superset/databases/api.py

@@ -169,10 +169,7 @@ class DatabaseRestApi(BaseSupersetModelRestApi):
 
     edit_columns = add_columns
 
-    search_filters = {
-        "allow_file_upload": [DatabaseUploadEnabledFilter],
-        "expose_in_sqllab": [DatabaseFilter],
-    }
+    search_filters = {"allow_file_upload": [DatabaseUploadEnabledFilter]}
 
     list_select_columns = list_columns + ["extra", "sqlalchemy_uri", "password"]
     order_columns = [

superset/databases/filters.py

@@ -69,8 +69,6 @@ class DatabaseUploadEnabledFilter(BaseFilter):  # pylint: disable=too-few-public
     def apply(self, query: Query, value: Any) -> Query:
         filtered_query = query.filter(Database.allow_file_upload)
 
-        database_perms = security_manager.user_view_menu_names("database_access")
-        schema_access_databases = can_access_databases("schema_access")
         datasource_access_databases = can_access_databases("datasource_access")
 
         if hasattr(g, "user"):
@@ -82,19 +80,10 @@ def apply(self, query: Query, value: Any) -> Query:
             if len(allowed_schemas):
                 return filtered_query
 
-        filtered_query = filtered_query.filter(
+        return filtered_query.filter(
             or_(
                 cast(Database.extra, JSON)["schemas_allowed_for_file_upload"]
                 is not None,
                 cast(Database.extra, JSON)["schemas_allowed_for_file_upload"] != [],
             )
         )
-
-        return filtered_query.filter(
-            or_(
-                self.model.perm.in_(database_perms),
-                self.model.database_name.in_(
-                    [*schema_access_databases, *datasource_access_databases]
-                ),
-            )
-        )

tests/integration_tests/databases/api_tests.py

@@ -1135,7 +1135,7 @@ def test_get_allow_file_upload_false_csv(self):
             uri = f"api/v1/database/?q={prison.dumps(arguments)}"
             rv = self.client.get(uri)
             data = json.loads(rv.data.decode("utf-8"))
-            assert data["count"] == 0
+            assert data["count"] == 1
 
     def test_get_allow_file_upload_filter_no_permission(self):
         """