From 0da10d9feb266234df6a97c8828247a2282d143c Mon Sep 17 00:00:00 2001 From: Will Barrett Date: Tue, 5 Nov 2019 15:48:17 -0800 Subject: [PATCH 1/5] Disable deprecated druid connector by default --- superset/config.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/superset/config.py b/superset/config.py index 1e6ff616044d..7391e284e98f 100644 --- a/superset/config.py +++ b/superset/config.py @@ -170,10 +170,15 @@ def _try_json_readsha(filepath): # [TimeZone List] # See: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones # other tz can be overridden by providing a local_config -DRUID_IS_ACTIVE = True DRUID_TZ = tz.tzutc() DRUID_ANALYSIS_TYPES = ["cardinality"] +# Legacy Druid connector +# Druid supports a SQL interface in its newer versions. +# Setting this flag to True enables the deprecated, API-based Druid +# connector. This feature may be removed at a future date. +DRUID_IS_ACTIVE = False + # ---------------------------------------------------- # AUTHENTICATION CONFIG # ---------------------------------------------------- From 0c305aae13a26e9141d052d88f53c7dc6119a9c5 Mon Sep 17 00:00:00 2001 From: Will Barrett Date: Mon, 25 Nov 2019 13:37:11 -0800 Subject: [PATCH 2/5] Add a line in UPDATING.md for the configuration change --- UPDATING.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/UPDATING.md b/UPDATING.md index 34c8e14e7120..02dcc62eff9e 100644 --- a/UPDATING.md +++ b/UPDATING.md @@ -23,6 +23,10 @@ assists people when migrating to a new version. ## Next Version +* [8512](https://github.com/apache/incubator-superset/pull/8512): `DRUID_IS_ACTIVE` now +defaults to False. To enable Druid-API-based functionality, override the +`DRUID_IS_ACTIVE` configuration variable by setting it to `True` for your deployment. + * [8450](https://github.com/apache/incubator-superset/pull/8450): The time ranger picker now uses UTC for the tooltips and default placeholder timestamps (sans timezone). From 46216cfc7d6d3bbde04f926634b0542aac5c359f Mon Sep 17 00:00:00 2001 From: Will Barrett Date: Tue, 26 Nov 2019 09:58:14 -0800 Subject: [PATCH 3/5] Remove security tests related default-disabled feature --- tests/security_tests.py | 8 -------- 1 file changed, 8 deletions(-) diff --git a/tests/security_tests.py b/tests/security_tests.py index 0391d0d51e7b..2edcd42a03b7 100644 --- a/tests/security_tests.py +++ b/tests/security_tests.py @@ -55,9 +55,6 @@ def assert_can_all(self, view_menu, permissions_set): self.assert_can_read(view_menu, permissions_set) self.assert_can_write(view_menu, permissions_set) - def assert_cannot_gamma(self, perm_set): - self.assert_cannot_write("DruidColumnInlineView", perm_set) - def assert_can_gamma(self, perm_set): self.assert_can_read("DatabaseAsync", perm_set) self.assert_can_read("TableModelView", perm_set) @@ -86,7 +83,6 @@ def assert_can_alpha(self, perm_set): self.assert_can_all("SqlMetricInlineView", perm_set) self.assert_can_all("TableColumnInlineView", perm_set) self.assert_can_all("TableModelView", perm_set) - self.assert_can_all("DruidColumnInlineView", perm_set) self.assert_can_all("DruidDatasourceModelView", perm_set) self.assert_can_all("DruidMetricInlineView", perm_set) @@ -209,7 +205,6 @@ def test_is_gamma_pvm(self): def test_gamma_permissions_basic(self): self.assert_can_gamma(get_perm_tuples("Gamma")) - self.assert_cannot_gamma(get_perm_tuples("Gamma")) self.assert_cannot_alpha(get_perm_tuples("Alpha")) @unittest.skipUnless( @@ -234,7 +229,6 @@ def test_sql_lab_permissions(self): self.assertIn(("can_csv", "Superset"), sql_lab_set) self.assertIn(("can_search_queries", "Superset"), sql_lab_set) - self.assert_cannot_gamma(sql_lab_set) self.assert_cannot_alpha(sql_lab_set) def test_granter_permissions(self): @@ -242,7 +236,6 @@ def test_granter_permissions(self): self.assertIn(("can_override_role_permissions", "Superset"), granter_set) self.assertIn(("can_approve", "Superset"), granter_set) - self.assert_cannot_gamma(granter_set) self.assert_cannot_alpha(granter_set) def test_gamma_permissions(self): @@ -273,7 +266,6 @@ def assert_can_all(view_menu): # check read only perms assert_can_read("TableModelView") - assert_cannot_write("DruidColumnInlineView") # make sure that user can create slices and dashboards assert_can_all("SliceModelView") From a1e30a312338a3e7feed4c31cfac1805b7dffb6a Mon Sep 17 00:00:00 2001 From: Will Barrett Date: Tue, 26 Nov 2019 15:45:06 -0800 Subject: [PATCH 4/5] More test updates --- tests/druid_tests.py | 4 ++++ tests/security_tests.py | 11 ----------- 2 files changed, 4 insertions(+), 11 deletions(-) diff --git a/tests/druid_tests.py b/tests/druid_tests.py index c5ab02895a31..b5d5c5c5417d 100644 --- a/tests/druid_tests.py +++ b/tests/druid_tests.py @@ -21,6 +21,7 @@ from unittest.mock import Mock, patch from superset import db, security_manager +from tests.test_app import app from .base_tests import SupersetTestCase @@ -297,6 +298,9 @@ def check(): @unittest.skipUnless( SupersetTestCase.is_module_installed("pydruid"), "pydruid not installed" ) + @unittest.skipUnless( + app.config["DRUID_IS_ACTIVE"], "DRUID_IS_ACTIVE is false" + ) def test_filter_druid_datasource(self): CLUSTER_NAME = "new_druid" cluster = self.get_or_create( diff --git a/tests/security_tests.py b/tests/security_tests.py index 2edcd42a03b7..47c2b1405f8b 100644 --- a/tests/security_tests.py +++ b/tests/security_tests.py @@ -83,11 +83,8 @@ def assert_can_alpha(self, perm_set): self.assert_can_all("SqlMetricInlineView", perm_set) self.assert_can_all("TableColumnInlineView", perm_set) self.assert_can_all("TableModelView", perm_set) - self.assert_can_all("DruidDatasourceModelView", perm_set) - self.assert_can_all("DruidMetricInlineView", perm_set) self.assertIn(("all_datasource_access", "all_datasource_access"), perm_set) - self.assertIn(("muldelete", "DruidDatasourceModelView"), perm_set) def assert_cannot_alpha(self, perm_set): if app.config["ENABLE_ACCESS_REQUEST"]: @@ -100,7 +97,6 @@ def assert_cannot_alpha(self, perm_set): def assert_can_admin(self, perm_set): self.assert_can_read("DatabaseAsync", perm_set) self.assert_can_all("DatabaseView", perm_set) - self.assert_can_all("DruidClusterModelView", perm_set) self.assert_can_all("RoleModelView", perm_set) self.assert_can_all("UserDBModelView", perm_set) @@ -181,13 +177,6 @@ def test_is_alpha_only(self): ) ) ) - self.assertTrue( - security_manager._is_alpha_only( - security_manager.find_permission_view_menu( - "can_delete", "DruidMetricInlineView" - ) - ) - ) self.assertTrue( security_manager._is_alpha_only( security_manager.find_permission_view_menu( From f2d0d3a9b05026464e59190ea57afd8bb8c069a2 Mon Sep 17 00:00:00 2001 From: Will Barrett Date: Wed, 27 Nov 2019 09:04:07 -0800 Subject: [PATCH 5/5] black --- tests/druid_tests.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tests/druid_tests.py b/tests/druid_tests.py index b5d5c5c5417d..73c621d2cc50 100644 --- a/tests/druid_tests.py +++ b/tests/druid_tests.py @@ -298,9 +298,7 @@ def check(): @unittest.skipUnless( SupersetTestCase.is_module_installed("pydruid"), "pydruid not installed" ) - @unittest.skipUnless( - app.config["DRUID_IS_ACTIVE"], "DRUID_IS_ACTIVE is false" - ) + @unittest.skipUnless(app.config["DRUID_IS_ACTIVE"], "DRUID_IS_ACTIVE is false") def test_filter_druid_datasource(self): CLUSTER_NAME = "new_druid" cluster = self.get_or_create(