diff --git a/superset/charts/api.py b/superset/charts/api.py index 237b24a2b317b..aba386c8358c3 100644 --- a/superset/charts/api.py +++ b/superset/charts/api.py @@ -954,7 +954,7 @@ def favorite_status(self, **kwargs: Any) -> Response: charts = ChartDAO.find_by_ids(requested_ids) if not charts: return self.response_404() - favorited_chart_ids = ChartDAO.favorited_ids(charts, g.user.id) + favorited_chart_ids = ChartDAO.favorited_ids(charts, g.user.get_id()) res = [ {"id": request_id, "value": request_id in favorited_chart_ids} for request_id in requested_ids diff --git a/superset/config.py b/superset/config.py index 3ddb7cd8e36a3..7a97b5260faff 100644 --- a/superset/config.py +++ b/superset/config.py @@ -409,7 +409,7 @@ def _try_json_readsha( # pylint: disable=unused-argument # from flask import g, request # def GET_FEATURE_FLAGS_FUNC(feature_flags_dict: Dict[str, bool]) -> Dict[str, bool]: # if hasattr(g, "user") and g.user.is_active: -# feature_flags_dict['some_feature'] = g.user and g.user.id == 5 +# feature_flags_dict['some_feature'] = g.user and g.user.get_id() == 5 # return feature_flags_dict GET_FEATURE_FLAGS_FUNC: Optional[Callable[[Dict[str, bool]], Dict[str, bool]]] = None diff --git a/superset/dashboards/api.py b/superset/dashboards/api.py index db807e8daab11..64bfd82a86c80 100644 --- a/superset/dashboards/api.py +++ b/superset/dashboards/api.py @@ -826,7 +826,9 @@ def favorite_status(self, **kwargs: Any) -> Response: dashboards = DashboardDAO.find_by_ids(requested_ids) if not dashboards: return self.response_404() - favorited_dashboard_ids = DashboardDAO.favorited_ids(dashboards, g.user.id) + favorited_dashboard_ids = DashboardDAO.favorited_ids( + dashboards, g.user.get_id() + ) res = [ {"id": request_id, "value": request_id in favorited_dashboard_ids} for request_id in requested_ids diff --git a/superset/db_engine_specs/base.py b/superset/db_engine_specs/base.py index cfc3060f06e8b..7bbc4bd9bd5fa 100644 --- a/superset/db_engine_specs/base.py +++ b/superset/db_engine_specs/base.py @@ -999,7 +999,7 @@ def estimate_query_cost( if not cls.get_allow_cost_estimate(extra): raise Exception("Database does not support cost estimation") - user_name = g.user.username if g.user else None + user_name = g.user.username if g.user and hasattr(g.user, "username") else None parsed_query = sql_parse.ParsedQuery(sql) statements = parsed_query.get_statements() diff --git a/superset/jinja_context.py b/superset/jinja_context.py index b86b466e91c40..54fc09d161051 100644 --- a/superset/jinja_context.py +++ b/superset/jinja_context.py @@ -142,8 +142,8 @@ def current_user_id(self, add_to_cache_keys: bool = True) -> Optional[int]: if hasattr(g, "user") and g.user: if add_to_cache_keys: - self.cache_key_wrapper(g.user.id) - return g.user.id + self.cache_key_wrapper(g.user.get_id()) + return g.user.get_id() return None def current_username(self, add_to_cache_keys: bool = True) -> Optional[str]: @@ -154,7 +154,7 @@ def current_username(self, add_to_cache_keys: bool = True) -> Optional[str]: :returns: The username """ - if g.user: + if g.user and hasattr(g.user, "username"): if add_to_cache_keys: self.cache_key_wrapper(g.user.username) return g.user.username diff --git a/superset/security/manager.py b/superset/security/manager.py index 73672bb964060..de608da165971 100644 --- a/superset/security/manager.py +++ b/superset/security/manager.py @@ -434,7 +434,7 @@ def user_view_menu_names(self, permission_name: str) -> Set[str]: view_menu_names = ( base_query.join(assoc_user_role) .join(self.user_model) - .filter(self.user_model.id == g.user.id) + .filter(self.user_model.id == g.user.get_id()) .filter(self.permission_model.name == permission_name) ).all() return {s.name for s in view_menu_names} @@ -1044,7 +1044,7 @@ def get_rls_filters(self, table: "BaseDatasource") -> List[SqlaQuery]: user_roles = ( self.get_session.query(assoc_user_role.c.role_id) - .filter(assoc_user_role.c.user_id == g.user.id) + .filter(assoc_user_role.c.user_id == g.user.get_id()) .subquery() ) regular_filter_roles = ( diff --git a/superset/sql_validators/presto_db.py b/superset/sql_validators/presto_db.py index a215ab8eb4e4c..7f468c96fb394 100644 --- a/superset/sql_validators/presto_db.py +++ b/superset/sql_validators/presto_db.py @@ -151,7 +151,7 @@ def validate( For example, "SELECT 1 FROM default.mytable" becomes "EXPLAIN (TYPE VALIDATE) SELECT 1 FROM default.mytable. """ - user_name = g.user.username if g.user else None + user_name = g.user.username if g.user and hasattr(g.user, "username") else None parsed_query = ParsedQuery(sql) statements = parsed_query.get_statements() diff --git a/superset/views/base_api.py b/superset/views/base_api.py index 11632d67f2d5d..b730ce12662cb 100644 --- a/superset/views/base_api.py +++ b/superset/views/base_api.py @@ -116,7 +116,10 @@ def apply(self, query: Query, value: Any) -> Query: if security_manager.current_user is None: return query users_favorite_query = db.session.query(FavStar.obj_id).filter( - and_(FavStar.user_id == g.user.id, FavStar.class_name == self.class_name) + and_( + FavStar.user_id == g.user.get_id(), + FavStar.class_name == self.class_name, + ) ) if value: return query.filter(and_(self.model.id.in_(users_favorite_query))) diff --git a/superset/views/base_schemas.py b/superset/views/base_schemas.py index 659ec3fdfcc1a..65c9a3567aa9e 100644 --- a/superset/views/base_schemas.py +++ b/superset/views/base_schemas.py @@ -113,8 +113,8 @@ def pre_load(self, data: Dict[Any, Any]) -> None: @staticmethod def set_owners(instance: Model, owners: List[int]) -> None: owner_objs = list() - if g.user.id not in owners: - owners.append(g.user.id) + if g.user.get_id() not in owners: + owners.append(g.user.get_id()) for owner_id in owners: user = current_app.appbuilder.get_session.query( current_app.appbuilder.sm.user_model diff --git a/superset/views/core.py b/superset/views/core.py index 95ba394b346c8..cff9e482d7fad 100755 --- a/superset/views/core.py +++ b/superset/views/core.py @@ -1067,8 +1067,10 @@ def get_datasource_label(ds_name: utils.DatasourceName) -> str: views = [vn for vn in views if substr_parsed in get_datasource_label(vn)] if not schema_parsed and database.default_schemas: - user_schema = g.user.email.split("@")[0] - valid_schemas = set(database.default_schemas + [user_schema]) + user_schemas = ( + [g.user.email.split("@")[0]] if hasattr(g.user, "email") else [] + ) + valid_schemas = set(database.default_schemas + user_schemas) tables = [tn for tn in tables if tn.schema in valid_schemas] views = [vn for vn in views if vn.schema in valid_schemas] @@ -1261,7 +1263,9 @@ def testconn( # pylint: disable=too-many-return-statements,no-self-use database.set_sqlalchemy_uri(uri) database.db_engine_spec.mutate_db_for_connection_test(database) - username = g.user.username if g.user is not None else None + username = ( + g.user.username if g.user and hasattr(g.user, "username") else None + ) engine = database.get_sqla_engine(user_name=username) with closing(engine.raw_connection()) as conn: @@ -1515,7 +1519,7 @@ def user_slices( # pylint: disable=no-self-use ) -> FlaskResponse: """List of slices a user owns, created, modified or faved""" if not user_id: - user_id = g.user.id + user_id = g.user.get_id() owner_ids_query = ( db.session.query(Slice.id) @@ -1567,7 +1571,7 @@ def created_slices( # pylint: disable=no-self-use ) -> FlaskResponse: """List of slices created by this user""" if not user_id: - user_id = g.user.id + user_id = g.user.get_id() qry = ( db.session.query(Slice) .filter(or_(Slice.created_by_fk == user_id, Slice.changed_by_fk == user_id)) @@ -1595,7 +1599,7 @@ def fave_slices( # pylint: disable=no-self-use ) -> FlaskResponse: """Favorite slices for a user""" if not user_id: - user_id = g.user.id + user_id = g.user.get_id() qry = ( db.session.query(Slice, FavStar.dttm) .join( @@ -1779,8 +1783,9 @@ def publish( # pylint: disable=no-self-use edit_perm = is_owner(dash, g.user) or admin_role in get_user_roles() if not edit_perm: + username = g.user.username if hasattr(g.user, "username") else "user" return json_error_response( - f'ERROR: "{g.user.username}" cannot alter ' + f'ERROR: "{username}" cannot alter ' f'dashboard "{dash.dashboard_title}"', status=403, ) @@ -2304,7 +2309,9 @@ def _sql_json_async( # pylint: disable=too-many-arguments rendered_query, return_results=False, store_results=not query.select_as_cta, - user_name=g.user.username if g.user else None, + user_name=g.user.username + if g.user and hasattr(g.user, "username") + else None, start_time=now_as_float(), expand_data=expand_data, log_params=log_params, @@ -2376,7 +2383,9 @@ def _sql_json_sync( rendered_query, return_results=True, store_results=store_results, - user_name=g.user.username if g.user else None, + user_name=g.user.username + if g.user and hasattr(g.user, "username") + else None, expand_data=expand_data, log_params=log_params, ) diff --git a/superset/views/database/views.py b/superset/views/database/views.py index e3c3f9283ff92..5236f31c495fc 100644 --- a/superset/views/database/views.py +++ b/superset/views/database/views.py @@ -219,7 +219,7 @@ def form_post(self, form: CsvToDatabaseForm) -> Response: sqla_table = SqlaTable(table_name=csv_table.table) sqla_table.database = expore_database sqla_table.database_id = database.id - sqla_table.user_id = g.user.id + sqla_table.user_id = g.user.get_id() sqla_table.schema = csv_table.schema sqla_table.fetch_metadata() db.session.add(sqla_table) @@ -360,7 +360,7 @@ def form_post(self, form: ExcelToDatabaseForm) -> Response: sqla_table = SqlaTable(table_name=excel_table.table) sqla_table.database = expore_database sqla_table.database_id = database.id - sqla_table.user_id = g.user.id + sqla_table.user_id = g.user.get_id() sqla_table.schema = excel_table.schema sqla_table.fetch_metadata() db.session.add(sqla_table) diff --git a/superset/views/sql_lab.py b/superset/views/sql_lab.py index 574e87e014384..ef3d901d4decd 100644 --- a/superset/views/sql_lab.py +++ b/superset/views/sql_lab.py @@ -297,4 +297,4 @@ class SqlLab(BaseSupersetView): @has_access def my_queries(self) -> FlaskResponse: # pylint: disable=no-self-use """Assigns a list of found users to the given role.""" - return redirect("/savedqueryview/list/?_flt_0_user={}".format(g.user.id)) + return redirect("/savedqueryview/list/?_flt_0_user={}".format(g.user.get_id()))