Merge pull request #31 from rdytech/NEP-18176_user_site_programme_dat…

…a_scoping [NEP-18176]: Implementing data scoping based on user programmes and sites
rdytech · Sep 6, 2024 · 65b3820 · 65b3820
2 parents 5e40a8f + c9f5062
commit 65b3820
Show file tree

Hide file tree

Showing 5 changed files with 87 additions and 20 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,8 @@
 ## Change Log
+## 0.2.0 - 2024-08-19
+
+* Adding RLS filter clause to the 'api/v1/security/guest_token/' API params in guest_token.rb - https://github.com/rdytech/superset-client/pull/31
+* Any filter that needs to applied to the dataset's final where condition can be passed here. Ex: [{ "clause": "publisher = 'Nintendo'" }]. Refer this: https://github.com/apache/superset/tree/master/superset-embedded-sdk#creating-a-guest-token
 
 ## 0.1.7 - 2024-08-27
 

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -14,7 +14,7 @@ GIT
 PATH
  remote: .
  specs:
- superset (0.1.6)
+ superset (0.2.0)
  dotenv (~> 2.7)
  enumerate_it (~> 1.7.0)
  faraday (~> 1.0)

diff --git a/lib/superset/guest_token.rb b/lib/superset/guest_token.rb
@@ -2,14 +2,16 @@ module Superset
  class GuestToken
  include Credential::EmbeddedUser
 
- attr_accessor :embedded_dashboard_id, :current_user
+ attr_accessor :embedded_dashboard_id, :rls_clause, :additional_params
 
- def initialize(embedded_dashboard_id: , current_user: nil)
+ def initialize(embedded_dashboard_id:, rls_clause: [], **additional_params)
  @embedded_dashboard_id = embedded_dashboard_id
- @current_user = current_user
+ @rls_clause = rls_clause
+ @additional_params = additional_params
  end
 
  def guest_token
+ validate_params
  response_body['token']
  end
 
@@ -20,18 +22,23 @@ def params
  "id": embedded_dashboard_id.to_s,
  "type": "dashboard" }
  ],
- "rls": [],
+ "rls": rls_clause, # Ex: [{ "clause": "publisher = 'Nintendo'" }]
  "user": current_user_params
- }
+ }.merge(additional_params)
  end
 
  private
 
+ def validate_params
+ raise Superset::Request::InvalidParameterError, "rls_clause should be an array. But it is #{rls_clause.class}" if rls_clause.nil? || rls_clause.class != Array
+ end
+
  # optional param to be available in Superset for query templating using jinja
  # ss expects username .. which could be used to query as current_user.id
  def current_user_params
- if current_user
- { "username": current_user.id.to_s }
+ current_user_id = additional_params[:embedded_app_current_user_id]
+ if current_user_id
+ { "username": current_user_id.to_s }
  else
  { }
  end

diff --git a/lib/superset/version.rb b/lib/superset/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Superset
- VERSION = "0.1.7"
+ VERSION = "0.2.0"
 end
diff --git a/spec/superset/guest_token_spec.rb b/spec/superset/guest_token_spec.rb
@@ -14,16 +14,72 @@
  it 'returns the guest token from the response' do
  expect(subject.guest_token).to eq('some-token')
  end
+
+ context 'when invalid rls clause is passed' do
+ before { allow(subject).to receive(:rls_clause).and_return(rls_clause) }
+ context 'when rls_clause is nil' do
+ let(:rls_clause) { nil }
+ it 'raises invalid parameter error' do
+ expect{ subject.guest_token }.to raise_error(Superset::Request::InvalidParameterError, 'rls_clause should be an array. But it is NilClass')
+ end
+ end
+
+ context 'when rls_clause is not an array' do
+ let(:rls_clause) { { "clause": "publisher = 'Nintendo'" } }
+ it 'raises invalid parameter error' do
+ expect{ subject.guest_token }.to raise_error(Superset::Request::InvalidParameterError, "rls_clause should be an array. But it is Hash")
+ end
+ end
+ end
  end
 
  describe '#params' do
- before do
- allow(subject).to receive(:current_user).and_return(user)
- end
+ context "with additional params" do
+ before do
+ allow(subject).to receive(:additional_params).and_return(additional_params)
+ end
 
- context 'without a current_user' do
- let(:user) { nil }
+ context 'without a current_user' do
+ let(:additional_params) { {} }
+
+ specify do
+ expect(subject.params).to eq(
+ {
+ "resources": [
+ {
+ "id": ss_dashboard_id,
+ "type": "dashboard" }
+ ],
+ "rls": [],
+ "user": { }
+ }
+ )
+ end
+ end
 
+ context 'with a current_user' do
+ let(:additional_params) { {embedded_app_current_user_id: 1} }
+
+ specify 'passes user id to superset' do
+ expect(subject.params).to eq(
+ {
+ "resources": [
+ {
+ "id": ss_dashboard_id,
+ "type": "dashboard" }
+ ],
+ "rls": [],
+ "user": { username: additional_params[:embedded_app_current_user_id].to_s },
+ "embedded_app_current_user_id": additional_params[:embedded_app_current_user_id]
+ }
+ )
+ end
+ end
+ end
+
+ context 'with rls clause' do
+ before { allow(subject).to receive(:rls_clause).and_return(rls_clause) }
+ let(:rls_clause) { [{ "clause": "publisher = 'Nintendo'" }] }
  specify do
  expect(subject.params).to eq(
  {
@@ -32,17 +88,17 @@
  "id": ss_dashboard_id,
  "type": "dashboard" }
  ],
- "rls": [],
+ "rls": rls_clause,
  "user": { }
  }
  )
  end
  end
 
- context 'with a current_user' do
- let(:user) { double(id: 101) }
-
- specify 'passes user id to superset' do
+ context 'with rls clause as empty array' do
+ before { allow(subject).to receive(:rls_clause).and_return(rls_clause) }
+ let(:rls_clause) { [] }
+ specify do
  expect(subject.params).to eq(
  {
  "resources": [
@@ -51,7 +107,7 @@
  "type": "dashboard" }
  ],
  "rls": [],
- "user": { username: "101" }
+ "user": { }
  }
  )
  end