diff --git a/caravel/assets/stylesheets/caravel.css b/caravel/assets/stylesheets/caravel.css index 9603beebd3ab4..7fe7f1001cfaa 100644 --- a/caravel/assets/stylesheets/caravel.css +++ b/caravel/assets/stylesheets/caravel.css @@ -29,6 +29,10 @@ input.form-control { color: red; } +.disabledButton { + pointer-events: none; +} + .col-left-fixed { width:350px; position: absolute; diff --git a/caravel/templates/caravel/dashboard.html b/caravel/templates/caravel/dashboard.html index ba0734b71ba91..00ba50c4fbd25 100644 --- a/caravel/templates/caravel/dashboard.html +++ b/caravel/templates/caravel/dashboard.html @@ -55,13 +55,13 @@

- - + - diff --git a/caravel/templates/caravel/explore.html b/caravel/templates/caravel/explore.html index 029cc14add459..64b27e87a0b0c 100644 --- a/caravel/templates/caravel/explore.html +++ b/caravel/templates/caravel/explore.html @@ -69,7 +69,7 @@ .json - + .csv 0 sec @@ -86,13 +86,13 @@ Query {% if viz.form_data.slice_id %} - + {% endif %} - +
diff --git a/caravel/views.py b/caravel/views.py index 4e4791840d9e6..c2e72791daaeb 100644 --- a/caravel/views.py +++ b/caravel/views.py @@ -140,7 +140,6 @@ class DatabaseView(CaravelModelView, DeleteMixin): # noqa order_columns = utils.list_minus(list_columns, ['created_by_']) add_columns = [ 'database_name', 'sqlalchemy_uri', 'cache_timeout', 'extra'] - show_columns = add_columns search_exclude_columns = ('password',) edit_columns = add_columns add_template = "caravel/models/database/add.html" @@ -463,6 +462,13 @@ def explore(self, datasource_type, datasource_id): datasource = datasource[0] if datasource else None slice_id = request.args.get("slice_id") slc = None + slice_add_perm = self.appbuilder.sm.has_access( + 'can_add', 'SliceModelView') + slice_edit_perm = self.appbuilder.sm.has_access( + 'can_edit', 'SliceModelView') + slice_download_perm = self.appbuilder.sm.has_access( + 'can_download', 'SliceModelView') + if slice_id: slc = ( db.session.query(models.Slice) @@ -483,7 +489,8 @@ def explore(self, datasource_type, datasource_id): action = request.args.get('action') if action in ('save', 'overwrite'): - return self.save(request.args, slc) + return self.save_or_overwrite_slice( + request.args, slc, slice_add_perm, slice_edit_perm) viz_type = request.args.get("viz_type") if not viz_type and datasource.default_endpoint: @@ -529,7 +536,9 @@ def explore(self, datasource_type, datasource_id): template = "caravel/explore.html" resp = self.render_template( - template, viz=obj, slice=slc, datasources=datasources) + template, viz=obj, slice=slc, datasources=datasources, + can_add=slice_add_perm, can_edit=slice_edit_perm, + can_download=slice_download_perm) try: pass except Exception as e: @@ -541,9 +550,8 @@ def explore(self, datasource_type, datasource_id): mimetype="application/json") return resp - def save(self, args, slc): - """Saves (inserts or overwrite a slice) """ - session = db.session() + def save_or_overwrite_slice(self, args, slc, slice_add_perm, slice_edit_perm): + """save or overwrite a slice""" slice_name = args.get('slice_name') action = args.get('action') @@ -568,9 +576,6 @@ def save(self, args, slc): if action == "save": slc = models.Slice() - msg = "Slice [{}] has been saved".format(slice_name) - elif action == "overwrite": - msg = "Slice [{}] has been overwritten".format(slice_name) slc.params = json.dumps(d, indent=4, sort_keys=True) slc.datasource_name = args.get('datasource_name') @@ -580,13 +585,26 @@ def save(self, args, slc): slc.datasource_type = datasource_type slc.slice_name = slice_name - if action == "save": - session.add(slc) - elif action == "overwrite": - session.merge(slc) + if action == 'save' and slice_add_perm: + self.save_slice(slc) + elif action == 'overwrite' and slice_edit_perm: + self.overwrite_slice(slc) + + return redirect(slc.slice_url) + + def save_slice(self, slc): + session = db.session() + msg = "Slice [{}] has been saved".format(slc.slice_name) + session.add(slc) + session.commit() + flash(msg, "info") + + def overwrite_slice(self, slc): + session = db.session() + msg = "Slice [{}] has been overwritten".format(slc.slice_name) + session.merge(slc) session.commit() flash(msg, "info") - return redirect(slc.slice_url) @has_access @expose("/checkbox////", methods=['GET']) @@ -711,7 +729,9 @@ def dashboard(**kwargs): # noqa return self.render_template( "caravel/dashboard.html", dashboard=dash, templates=templates, - pos_dict=pos_dict) + pos_dict=pos_dict, + dash_save_perm=appbuilder.sm.has_access('can_save_dash', 'Caravel'), + dash_edit_perm=appbuilder.sm.has_access('can_edit', 'DashboardModelView')) @has_access @expose("/sql//")