hotfix: Revert PR on custom url quicksight embedding sessions (#403)

### Feature or Bugfix
- Bugfix

### Detail
In PR #380 domains that are not custom domains are not taken into
account. Reverting changes back and will continue that feature on the
side.

### Relates
- #400 

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.

backend/dataall/api/Objects/Dashboard/resolvers.py

@@ -7,12 +7,6 @@
 from ....db import permissions, models
 from ....db.api import ResourcePolicy, Glossary, Vote
 from ....searchproxy import indexers
-from ....utils import Parameter
-
-param_store = Parameter()
-ENVNAME = os.getenv("envname", "local")
-DOMAIN_NAME = param_store.get_parameter(env=ENVNAME, path="frontend/custom_domain_name") if ENVNAME not in ["local", "dkrcompose"] else None
-DOMAIN_URL = f"https://{DOMAIN_NAME}" if DOMAIN_NAME else "http://localhost:8080"
 
 
 def get_quicksight_reader_url(context, source, dashboardUri: str = None):
@@ -39,7 +33,6 @@ def get_quicksight_reader_url(context, source, dashboardUri: str = None):
                 region=env.region,
                 UserName=context.username,
                 DashboardId=dash.DashboardId,
-                domain_name=DOMAIN_URL,
             )
         else:
             shared_groups = db.api.Dashboard.query_all_user_groups_shareddashboard(

backend/dataall/aws/handlers/quicksight.py

@@ -234,7 +234,9 @@ def register_user_in_group(AwsAccountId, UserName, GroupName, UserRole='READER')
         return Quicksight.describe_user(AwsAccountId, UserName)
 
     @staticmethod
-    def get_reader_session(AwsAccountId, region, UserName, UserRole="READER", DashboardId=None, domain_name: str = None):
+    def get_reader_session(
+        AwsAccountId, region, UserName, UserRole='READER', DashboardId=None
+    ):
 
         client = Quicksight.get_quicksight_client(AwsAccountId, region)
         user = Quicksight.describe_user(AwsAccountId, UserName)
@@ -243,16 +245,12 @@ def get_reader_session(AwsAccountId, region, UserName, UserRole="READER", Dashbo
                 AwsAccountId=AwsAccountId, UserName=UserName, GroupName=DEFAULT_GROUP_NAME, UserRole=UserRole
             )
 
-        response = client.generate_embed_url_for_registered_user(
+        response = client.get_dashboard_embed_url(
             AwsAccountId=AwsAccountId,
+            DashboardId=DashboardId,
+            IdentityType='QUICKSIGHT',
             SessionLifetimeInMinutes=120,
-            UserArn=user.get("Arn"),
-            ExperienceConfiguration={
-                "Dashboard": {
-                    "InitialDashboardId": DashboardId,
-                },
-            },
-            AllowedDomains=[domain_name],
+            UserArn=user.get('Arn'),
         )
         return response.get('EmbedUrl')
 

deploy/pivot_role/pivotRole.yaml

@@ -593,7 +593,7 @@ Resources:
               - "quicksight:DescribeDashboard"
               - "quicksight:DescribeUser"
               - "quicksight:SearchDashboards"
-              - "quicksight:GenerateEmbedUrlForRegisteredUser"
+              - "quicksight:GetDashboardEmbedUrl"
               - "quicksight:GenerateEmbedUrlForAnonymousUser"
               - "quicksight:UpdateUser"
               - "quicksight:ListUserGroups"

documentation/userguide/docs/environments.md

@@ -77,6 +77,15 @@ Enterprise option as show below:
 
 ![quicksight](pictures/environments/boot_qs_2.png#zoom#shadow)
 
+After you've successfully subscribed to QuickSight, we need to trust <span style="color:grey">*data.all*</span> domain on QuickSight
+to enable Dashboard Embedding on <span style="color:grey">*data.all*</span> UI. To do that go to:
+
+1. Manage QuickSight
+2. Domains and Embedding
+3. Put <span style="color:grey">*data.all*</span> domain and check include subdomains
+4. Save
+
+![quicksight_domain](pictures/environments/boot_qs_3.png#zoom#shadow)
 
 ## :material-new-box: **Link an environment**
 ### Necessary permissions