Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Validate jinja rendered query #22851

Merged
merged 13 commits into from
Feb 21, 2023
+37 −1
Merged

fix: Validate jinja rendered query #22851

Changes from 1 commit
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
2ed9279
Merge branch 'master' of https://github.com/apache/superset into fix/…
geido Jan 25, 2023
c78943f
Validate rendered query
geido Jan 25, 2023
5a65aed
Shallow copy query validation
geido Jan 25, 2023
a635478
Merge branch 'master' of https://github.com/apache/superset into fix/…
geido Jan 27, 2023
0cd6854
Merge branch 'master' of https://github.com/apache/superset into fix/…
geido Jan 30, 2023
5900096
Sort
geido Jan 30, 2023
a9203ab
Merge branch 'master' of https://github.com/apache/superset into fix/…
geido Jan 30, 2023
94f1ce1
Add tests
geido Feb 1, 2023
94218b3
Merge branch 'master' of https://github.com/apache/superset into fix/…
geido Feb 16, 2023
b4a2fce
Update tests
geido Feb 16, 2023
0ec1c5b
Update templated param
geido Feb 16, 2023
298badc
Fix assertion
geido Feb 16, 2023
031e452
Move tests
geido Feb 16, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Fix assertion
@geido
geido committed Feb 16, 2023

Verified

This commit was signed with the committer’s verified signature. The key has expired.
tvdeyen Thomas von Deyen
GPG key ID: F2548C2CBA04A848
Expired
Verified
Learn about vigilant mode
commit 298badcbeb0682734f116fcc4e2a82f8d077199e
4 changes: 1 addition & 3 deletions tests/integration_tests/core_tests.py
View file
Original file line number Diff line number Diff line change
@@ -766,12 +766,11 @@ def test_templated_sql_forbidden(self):
SELECT * FROM {{ table_name }} LIMIT 1;
""",
client_id="client_id_1",
username="gamma",
database_name="examples",
template_params=json.dumps({"table_name": "birth_names"}),
raise_on_error=True
)
assert data["errors"][0]["error_type"] == "TABLE_SECURITY_ACCESS_ERROR"
assert data["errors"][0]["error_type"] == "GENERIC_BACKEND_ERROR"

@pytest.mark.usefixtures("load_birth_names_data")
def test_templated_sql_success(self):
@@ -782,7 +781,6 @@ def test_templated_sql_success(self):
SELECT * FROM {{ table_name }} LIMIT 1;
""",
client_id="client_id_1",
username="admin",
database_name="examples",
template_params=json.dumps({"table_name": "birth_names"}),
raise_on_error=True