chore: deprecate restricted metrics #8197

mistercrunch · 2019-09-09T05:02:21Z

An early community contribution added the concept of restricted metrics.

The idea was to allow for some metrics to be restricted, and if a metric
was tagged as such, a user would need to be given access to that metric
more explicitely, through a special perm we would maintain for that
metric.

Now since the new concept of "Adhoc Metrics", the popover that lets a
user pick a column and an aggregate function or to write their own SQL
expression inline, this restriction is completely bypassed. Adhoc
metrics was developed without the restricted metrics in mind.

Anyhow, in the near future, we'll be rethinking the ideas behind
data-access permissions, and things like column-level or row-level
security will be redesigned from scratch.

By deprecating this feature, we're removing a confusing and mostly broken
feature, and making it easy to move forward

john-bodley

Thanks @mistercrunch. I agree with this approach.

john-bodley · 2019-09-09T05:38:49Z

superset/migrations/versions/11c737c17cc6_deprecate_restricted_metrics.py

+
+
+def upgrade():
+    op.drop_column("metrics", "is_restricted")


I think you need to use op.batch_alter_table to satisfy SQLite.

An early community contribution added the concept of restricted metrics. The idea was to allow for some metrics to be restricted, and if a metric was tagged as such, a user would need to be given access to that metric more explicitely, through a special perm we would maintain for that metric. Now since the new concept of "Adhoc Metrics", the popover that lets a user pick a column and an aggregate function or to write their own SQL expression inline, this restriction is completely bypassed. Adhoc metrics was developed without the restricted metrics in mind. Anyhow, in the near future, we'll be rethinking the ideas behind data-access permissions, and things like column-level or row-level security will be redesigned from scratch. By deprecating this feature, we're removing a confusing and mostly broken feature, and making it easy to move forward

mistercrunch · 2019-09-09T23:53:02Z

superset/assets/package.json

@@ -10,7 +10,7 @@
  "scripts": {
    "tdd": "jest --watch",
    "test": "jest",
-    "cover": "jest --maxWorkers=8 --coverage",
+    "cover": "jest --coverage",


unrelated to this PR, but this seems to help quite a bit with broken JS builds. For reference, not specifying maxWorkers will lead to use all CPUs cores on the box minus one

codecov-io · 2019-09-10T00:23:06Z

Codecov Report

Merging #8197 into master will increase coverage by <.01%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master    #8197      +/-   ##
==========================================
+ Coverage   66.16%   66.17%   +<.01%     
==========================================
  Files         479      479              
  Lines       22920    22897      -23     
  Branches     2524     2524              
==========================================
- Hits        15164    15151      -13     
+ Misses       7622     7612      -10     
  Partials      134      134

Impacted Files	Coverage Δ
superset/connectors/druid/views.py	`69.12% <ø> (+1.38%)`	⬆️
superset/connectors/sqla/views.py	`66.95% <ø> (+1.66%)`	⬆️
superset/connectors/sqla/models.py	`84.26% <ø> (ø)`	⬆️
superset/connectors/base/models.py	`90% <ø> (-0.06%)`	⬇️
superset/exceptions.py	`100% <ø> (ø)`	⬆️
superset/security.py	`74.08% <ø> (+0.08%)`	⬆️
superset/connectors/druid/models.py	`81.67% <100%> (+0.01%)`	⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7546ea3...ff5be2e. Read the comment docs.

pull-request-size bot added the size/L label Sep 9, 2019

mistercrunch mentioned this pull request Sep 9, 2019

[metric] Exposing security methods for visualizations and query-context #8175

Merged

12 tasks

john-bodley approved these changes Sep 9, 2019

View reviewed changes

john-bodley reviewed Sep 9, 2019

View reviewed changes

mistercrunch added 3 commits September 9, 2019 16:01

Use context manager to drop columns

f414066

disable jest's maxWorkers

ff5be2e

mistercrunch force-pushed the dep_restricted_metrics branch from eae1947 to ff5be2e Compare September 9, 2019 23:41

mistercrunch commented Sep 9, 2019

View reviewed changes

mistercrunch marked this pull request as ready for review September 10, 2019 00:20

mistercrunch merged commit 9d4b955 into apache:master Sep 10, 2019

mistercrunch deleted the dep_restricted_metrics branch September 10, 2019 00:20

dpgaspar added the preset label Nov 13, 2019

mistercrunch added preset-io and removed preset labels Nov 26, 2019

john-bodley mentioned this pull request Oct 2, 2020

chore: Remove obsolete creating missing metric permissions #11143

Merged

6 tasks

mistercrunch added 🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels 🚢 0.35.0 labels Feb 28, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: deprecate restricted metrics #8197

chore: deprecate restricted metrics #8197

mistercrunch commented Sep 9, 2019

john-bodley left a comment

john-bodley Sep 9, 2019

mistercrunch Sep 9, 2019

codecov-io commented Sep 10, 2019

chore: deprecate restricted metrics #8197

chore: deprecate restricted metrics #8197

Conversation

mistercrunch commented Sep 9, 2019

john-bodley left a comment

Choose a reason for hiding this comment

john-bodley Sep 9, 2019

Choose a reason for hiding this comment

mistercrunch Sep 9, 2019

Choose a reason for hiding this comment

codecov-io commented Sep 10, 2019

Codecov Report