Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Catch error when no user is set on request #44

Closed
wants to merge 1 commit into from
Closed

Catch error when no user is set on request #44

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions hq_superset/hq_domain.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,11 @@ def after_request_hook(response):


def is_user_admin():
from superset import security_manager
return security_manager.is_admin()
try:
from superset import security_manager
return security_manager.is_admin()
except AttributeError:
return False
Comment on lines +37 to +41
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It bothers me that we have to catch this error, because it's not in our codebase.

What if we first check the user, like so?

Suggested change
try:
from superset import security_manager
return security_manager.is_admin()
except AttributeError:
return False
from superset import security_manager
from flask import g
return g.user and security_manager.is_admin()

Copy link
Contributor Author

@Charl1996 Charl1996 Apr 30, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kaapstorm

It bothers me that we have to catch this error, because it's not in our codebase.

Yeah, but at this stage I'm more prone getting it to work in our code.

The g.user is the part where it fails hard. Just running g.user will raise the AttributeError.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does security manager provide another method on it that we can call to check if there is a user or not before calling is_admin?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we instead at least do this

try:
    # Check if there is a user first before checking for admin via security manager
    g.user
except AttributeError:
    return False
return security_manager.is_admin()



def ensure_domain_selected():
Expand Down
Loading