Merge pull request #31 from rdytech/NEP-18176_user_site_programme_data_scoping

[NEP-18176]: Implementing data scoping based on user programmes and sites

Author: soundarya-mv

CHANGELOG.md

@@ -1,4 +1,8 @@
 ## Change Log
+## 0.2.0 - 2024-08-19
+
+* Adding RLS filter clause to the 'api/v1/security/guest_token/' API params in guest_token.rb - https://github.com/rdytech/superset-client/pull/31
+* Any filter that needs to applied to the dataset's final where condition can be passed here. Ex: [{ "clause": "publisher = 'Nintendo'" }]. Refer this: https://github.com/apache/superset/tree/master/superset-embedded-sdk#creating-a-guest-token
 
 ## 0.1.7 - 2024-08-27
 

Gemfile.lock

@@ -14,7 +14,7 @@ GIT
 PATH
   remote: .
   specs:
-    superset (0.1.6)
+    superset (0.2.0)
       dotenv (~> 2.7)
       enumerate_it (~> 1.7.0)
       faraday (~> 1.0)

lib/superset/guest_token.rb

@@ -2,14 +2,16 @@ module Superset
   class GuestToken
     include Credential::EmbeddedUser
 
-    attr_accessor :embedded_dashboard_id, :current_user
+    attr_accessor :embedded_dashboard_id, :rls_clause, :additional_params
 
-    def initialize(embedded_dashboard_id: , current_user: nil)
+    def initialize(embedded_dashboard_id:, rls_clause: [], **additional_params)
       @embedded_dashboard_id = embedded_dashboard_id
-      @current_user = current_user
+      @rls_clause = rls_clause
+      @additional_params = additional_params
     end
 
     def guest_token
+      validate_params
       response_body['token']
     end
 
@@ -20,18 +22,23 @@ def params
             "id": embedded_dashboard_id.to_s,
             "type": "dashboard" }
         ],
-        "rls": [],
+        "rls": rls_clause, # Ex: [{ "clause": "publisher = 'Nintendo'" }]
         "user": current_user_params
-      }
+      }.merge(additional_params)
     end
 
     private
 
+    def validate_params
+      raise Superset::Request::InvalidParameterError, "rls_clause should be an array. But it is #{rls_clause.class}" if rls_clause.nil? || rls_clause.class != Array
+    end
+
     # optional param to be available in Superset for query templating using jinja
     # ss expects username .. which could be used to query as current_user.id
     def current_user_params
-      if current_user
-        { "username": current_user.id.to_s }
+      current_user_id = additional_params[:embedded_app_current_user_id]
+      if current_user_id
+        { "username": current_user_id.to_s }
       else
         { }
       end

lib/superset/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Superset
-  VERSION = "0.1.7"
+  VERSION = "0.2.0"
 end

spec/superset/guest_token_spec.rb

@@ -14,16 +14,72 @@
     it 'returns the guest token from the response' do
       expect(subject.guest_token).to eq('some-token')
     end
+
+    context 'when invalid rls clause is passed' do
+      before { allow(subject).to receive(:rls_clause).and_return(rls_clause) }
+      context 'when rls_clause is nil' do
+        let(:rls_clause) { nil }
+        it 'raises invalid parameter error' do
+          expect{ subject.guest_token }.to raise_error(Superset::Request::InvalidParameterError, 'rls_clause should be an array. But it is NilClass')
+        end
+      end
+
+      context 'when rls_clause is not an array' do
+        let(:rls_clause) { { "clause": "publisher = 'Nintendo'" } }
+        it 'raises invalid parameter error' do
+          expect{ subject.guest_token }.to raise_error(Superset::Request::InvalidParameterError, "rls_clause should be an array. But it is Hash")
+        end
+      end
+    end
   end
 
   describe '#params' do
-    before do
-      allow(subject).to receive(:current_user).and_return(user)
-    end
+    context "with additional params" do
+      before do
+        allow(subject).to receive(:additional_params).and_return(additional_params)
+      end
 
-    context 'without a current_user' do
-      let(:user) { nil }
+      context 'without a current_user' do
+        let(:additional_params) { {} }
+
+        specify do
+          expect(subject.params).to eq(
+            {
+              "resources": [
+                {
+                  "id": ss_dashboard_id,
+                  "type": "dashboard" }
+              ],
+              "rls": [],
+              "user": { }
+            }
+          )
+        end
+      end
 
+      context 'with a current_user' do
+        let(:additional_params) { {embedded_app_current_user_id: 1} }
+
+        specify 'passes user id to superset' do
+          expect(subject.params).to eq(
+            {
+              "resources": [
+                {
+                  "id": ss_dashboard_id,
+                  "type": "dashboard" }
+              ],
+              "rls": [],
+              "user": { username: additional_params[:embedded_app_current_user_id].to_s },
+              "embedded_app_current_user_id": additional_params[:embedded_app_current_user_id]
+            }
+          )
+        end
+      end
+    end
+
+    context 'with rls clause' do
+      before { allow(subject).to receive(:rls_clause).and_return(rls_clause) }
+      let(:rls_clause) { [{ "clause": "publisher = 'Nintendo'" }] }
       specify do
         expect(subject.params).to eq(
           {
@@ -32,17 +88,17 @@
                 "id": ss_dashboard_id,
                 "type": "dashboard" }
             ],
-            "rls": [],
+            "rls": rls_clause,
             "user": { }
           }
         )
       end
     end
 
-    context 'with a current_user' do
-      let(:user) { double(id: 101) }
-
-      specify 'passes user id to superset' do
+    context 'with rls clause as empty array' do
+      before { allow(subject).to receive(:rls_clause).and_return(rls_clause) }
+      let(:rls_clause) { [] }
+      specify do
         expect(subject.params).to eq(
           {
             "resources": [
@@ -51,7 +107,7 @@
                 "type": "dashboard" }
             ],
             "rls": [],
-            "user": { username: "101" }
+            "user": { }
           }
         )
       end