From baca6a472409c4ec9bd2732b49571bd095d8321e Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Wed, 14 Feb 2024 16:43:50 +0000 Subject: [PATCH 1/6] fix: removes old deprecated sqllab endpoint --- superset/views/core.py | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/superset/views/core.py b/superset/views/core.py index c3974117e2aca..4b15a1361bb6b 100755 --- a/superset/views/core.py +++ b/superset/views/core.py @@ -916,24 +916,6 @@ def welcome(self) -> FlaskResponse: ), ) - @has_access - @event_logger.log_this - @expose( - "/sqllab/", - methods=( - "GET", - "POST", - ), - ) - @deprecated(new_target="/sqllab") - def sqllab(self) -> FlaskResponse: - """SQL Editor""" - url = "/sqllab" - if url_params := request.args: - params = parse.urlencode(url_params) - url = f"{url}?{params}" - return redirect(url) - @has_access @event_logger.log_this @expose("/sqllab/history/", methods=("GET",)) From 904a42944770187b08314882e2384c09de0501da Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Wed, 14 Feb 2024 16:54:52 +0000 Subject: [PATCH 2/6] fix tests --- tests/integration_tests/core_tests.py | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/tests/integration_tests/core_tests.py b/tests/integration_tests/core_tests.py index 1b1e128b073fe..4d3c35ec81cc0 100644 --- a/tests/integration_tests/core_tests.py +++ b/tests/integration_tests/core_tests.py @@ -1190,25 +1190,6 @@ def test_has_table_by_name(self): is True ) - def test_redirect_new_sqllab(self): - self.login(username="admin") - resp = self.client.get( - "/superset/sqllab?savedQueryId=1&testParams=2", - follow_redirects=True, - ) - assert resp.request.path == "/sqllab/" - assert ( - resp.request.query_string.decode("utf-8") == "savedQueryId=1&testParams=2" - ) - - resp = self.client.post("/superset/sqllab/") - assert resp.status_code == 302 - - def test_redirect_new_sqllab_history(self): - self.login(username="admin") - resp = self.client.get("/superset/sqllab/history/") - assert resp.status_code == 302 - if __name__ == "__main__": unittest.main() From 5f3121f9d1f0b13e770b0a2e36ff99833b4aeaad Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Wed, 14 Feb 2024 18:44:22 +0000 Subject: [PATCH 3/6] fix minimal --- tests/integration_tests/security_tests.py | 37 +++++++++++++++++------ 1 file changed, 28 insertions(+), 9 deletions(-) diff --git a/tests/integration_tests/security_tests.py b/tests/integration_tests/security_tests.py index b1f66b0d6caba..4a7c3dcd8f627 100644 --- a/tests/integration_tests/security_tests.py +++ b/tests/integration_tests/security_tests.py @@ -1470,15 +1470,34 @@ def test_admin_permissions(self): def test_sql_lab_permissions(self): sql_lab_set = get_perm_tuples("sql_lab") - self.assertIn(("can_csv", "Superset"), sql_lab_set) - self.assertIn(("can_read", "Database"), sql_lab_set) - self.assertIn(("can_read", "SavedQuery"), sql_lab_set) - self.assertIn(("can_sqllab", "Superset"), sql_lab_set) - - self.assertIn(("menu_access", "SQL Lab"), sql_lab_set) - self.assertIn(("menu_access", "SQL Editor"), sql_lab_set) - self.assertIn(("menu_access", "Saved Queries"), sql_lab_set) - self.assertIn(("menu_access", "Query Search"), sql_lab_set) + self.assertEqual( + sql_lab_set, + { + ("can_activate", "TabStateView"), + ("can_csv", "Superset"), + ("can_delete_query", "TabStateView"), + ("can_delete", "TabStateView"), + ("can_execute_sql_query", "SQLLab"), + ("can_export", "SavedQuery"), + ("can_export_csv", "SQLLab"), + ("can_get", "TabStateView"), + ("can_get_results", "SQLLab"), + ("can_migrate_query", "TabStateView"), + ("can_my_queries", "SqlLab"), + ("can_sqllab_history", "Superset"), + ("can_put", "TabStateView"), + ("can_post", "TabStateView"), + ("can_write", "SavedQuery"), + ("can_read", "Query"), + ("can_read", "Database"), + ("can_read", "SQLLab"), + ("can_read", "SavedQuery"), + ("menu_access", "Query Search"), + ("menu_access", "Saved Queries"), + ("menu_access", "SQL Editor"), + ("menu_access", "SQL Lab"), + }, + ) self.assert_cannot_alpha(sql_lab_set) From 69ee428c23b0886b36ca6b2cf25030947c0f1ac2 Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Wed, 14 Feb 2024 19:35:15 +0000 Subject: [PATCH 4/6] remove another one --- .../cypress-base/cypress/e2e/sqllab/query.test.ts | 3 --- superset/initialization/__init__.py | 2 -- superset/security/manager.py | 1 - superset/views/sql_lab/views.py | 13 ------------- tests/integration_tests/security_tests.py | 1 - 5 files changed, 20 deletions(-) diff --git a/superset-frontend/cypress-base/cypress/e2e/sqllab/query.test.ts b/superset-frontend/cypress-base/cypress/e2e/sqllab/query.test.ts index 86502e86555b0..90ceee1e12451 100644 --- a/superset-frontend/cypress-base/cypress/e2e/sqllab/query.test.ts +++ b/superset-frontend/cypress-base/cypress/e2e/sqllab/query.test.ts @@ -123,9 +123,6 @@ describe('SqlLab query panel', () => { .eq(0) // save .click(); - // visit saved queries - cy.visit('/sqllab/my_queries/'); - // first row contains most recent link, follow back to SqlLab cy.get('table tr:first-child a[href*="savedQueryId"').click(); diff --git a/superset/initialization/__init__.py b/superset/initialization/__init__.py index 2e5f5a716a6f8..f39a1ec99dce6 100644 --- a/superset/initialization/__init__.py +++ b/superset/initialization/__init__.py @@ -185,7 +185,6 @@ def init_views(self) -> None: from superset.views.sql_lab.views import ( SavedQueryView, SavedQueryViewApi, - SqlLab, TableSchemaView, TabStateView, ) @@ -310,7 +309,6 @@ def init_views(self) -> None: appbuilder.add_view_no_menu(SavedQueryView) appbuilder.add_view_no_menu(SavedQueryViewApi) appbuilder.add_view_no_menu(SliceAsync) - appbuilder.add_view_no_menu(SqlLab) appbuilder.add_view_no_menu(SqllabView) appbuilder.add_view_no_menu(SqlMetricInlineView) appbuilder.add_view_no_menu(Superset) diff --git a/superset/security/manager.py b/superset/security/manager.py index 356ea068526ae..30aca74eae716 100644 --- a/superset/security/manager.py +++ b/superset/security/manager.py @@ -231,7 +231,6 @@ class SupersetSecurityManager( # pylint: disable=too-many-public-methods ACCESSIBLE_PERMS = {"can_userinfo", "resetmypassword", "can_recent_activity"} SQLLAB_ONLY_PERMISSIONS = { - ("can_my_queries", "SqlLab"), ("can_read", "SavedQuery"), ("can_write", "SavedQuery"), ("can_export", "SavedQuery"), diff --git a/superset/views/sql_lab/views.py b/superset/views/sql_lab/views.py index 00ba4b8a5f0fc..74df8901bbd17 100644 --- a/superset/views/sql_lab/views.py +++ b/superset/views/sql_lab/views.py @@ -264,16 +264,3 @@ def expanded(self, table_schema_id: int) -> FlaskResponse: db.session.commit() response = json.dumps({"id": table_schema_id, "expanded": payload}) return json_success(response) - - -class SqlLab(BaseSupersetView): - """The base views for Superset!""" - - @expose("/my_queries/") - @has_access - def my_queries(self) -> FlaskResponse: - """Assigns a list of found users to the given role.""" - logger.warning( - "This endpoint is deprecated and will be removed in the next major release" - ) - return redirect(f"/savedqueryview/list/?_flt_0_user={get_user_id()}") diff --git a/tests/integration_tests/security_tests.py b/tests/integration_tests/security_tests.py index 4a7c3dcd8f627..3ff2f3512196f 100644 --- a/tests/integration_tests/security_tests.py +++ b/tests/integration_tests/security_tests.py @@ -1483,7 +1483,6 @@ def test_sql_lab_permissions(self): ("can_get", "TabStateView"), ("can_get_results", "SQLLab"), ("can_migrate_query", "TabStateView"), - ("can_my_queries", "SqlLab"), ("can_sqllab_history", "Superset"), ("can_put", "TabStateView"), ("can_post", "TabStateView"), From 2ddd72c5fb6d62bf3c6bdba96866a402be612bcb Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Thu, 15 Feb 2024 09:16:31 +0000 Subject: [PATCH 5/6] fix lint --- superset/views/core.py | 2 +- superset/views/sql_lab/views.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/superset/views/core.py b/superset/views/core.py index 4b15a1361bb6b..c8336521fcb14 100755 --- a/superset/views/core.py +++ b/superset/views/core.py @@ -121,7 +121,7 @@ SqlResults = dict[str, Any] -class Superset(BaseSupersetView): # pylint: disable=too-many-public-methods +class Superset(BaseSupersetView): """The base views for Superset!""" logger = logging.getLogger(__name__) diff --git a/superset/views/sql_lab/views.py b/superset/views/sql_lab/views.py index 74df8901bbd17..5c122ea886c92 100644 --- a/superset/views/sql_lab/views.py +++ b/superset/views/sql_lab/views.py @@ -17,7 +17,7 @@ import logging import simplejson as json -from flask import redirect, request, Response +from flask import request, Response from flask_appbuilder import expose from flask_appbuilder.models.sqla.interface import SQLAInterface from flask_appbuilder.security.decorators import has_access, has_access_api From 26168f158afcf8601f22ff5b1172ff811c175314 Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Thu, 15 Feb 2024 09:40:01 +0000 Subject: [PATCH 6/6] add UPDATING.md --- UPDATING.md | 1 + 1 file changed, 1 insertion(+) diff --git a/UPDATING.md b/UPDATING.md index ac1164f4de65e..fec78be67d8f8 100644 --- a/UPDATING.md +++ b/UPDATING.md @@ -28,6 +28,7 @@ assists people when migrating to a new version. ### Breaking Changes +- [27117](https://github.com/apache/superset/pull/27117): Removes the following deprecated endpoints: `/superset/sqllab`, `/superset/sqllab/history`, `/sqllab/my_queries` use `/sqllab`, `/sqllab/history`, `/savedqueryview/list/?_flt_0_user={get_user_id()}` instead. - [26347](https://github.com/apache/superset/issues/26347): Removes the deprecated `VERSIONED_EXPORT` feature flag. The previous value of the feature flag was `True` and now the feature is permanently enabled. - [26328](https://github.com/apache/superset/issues/26328): Removes the deprecated Filter Box code and it's associated dependencies `react-select` and `array-move`. It also removes the `DeprecatedSelect` and `AsyncSelect` components that were exclusively used by filter boxes. Existing filter boxes will be automatically migrated to native filters. - [26330](https://github.com/apache/superset/issues/26330): Removes the deprecated `DASHBOARD_FILTERS_EXPERIMENTAL` feature flag. The previous value of the feature flag was `False` and now the feature is permanently removed.