suddjian commented on a change in pull request #17757:
URL: https://github.com/apache/superset/pull/17757#discussion_r772681422
##########
File path: superset/security/manager.py
##########
@@ -1319,3 +1339,33 @@ def parse_jwt_guest_token(raw_token: str) -> GuestToken:
if token.get("resources") is None:
raise ValueError("Guest token does not contain a resources claim")
return cast(GuestToken, token)
+
+ @staticmethod
+ def is_guest_user(user: Any) -> bool:
+ # pylint: disable=import-outside-toplevel
+ from superset import is_feature_enabled
+
+ if not is_feature_enabled("EMBEDDED_SUPERSET"):
+ return False
+ return hasattr(user, "is_guest_user") and user.is_guest_user
+
+ def get_current_guest_user_if_guest(self) -> Optional[GuestUser]:
+ # pylint: disable=import-outside-toplevel
+ from superset.extensions import feature_flag_manager
+
+ if self.is_guest_user(g.user):
+ return g.user
+ return None
+
+ def has_guest_access(
+ self, resource_type: GuestTokenResourceType, id: Union[str, int]
+ ) -> bool:
+ user = self.get_current_guest_user_if_guest()
+ if not user:
+ return False
+
+ strid = str(id)
+ for resource in user.resources:
Review comment:
test with a guest user who has access to a resource that is first in the
list, and also farther into the list
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org
For additional commands, e-mail: notifications-h...@superset.apache.org
