villebro commented on code in PR #21931:
URL: https://github.com/apache/superset/pull/21931#discussion_r1006156187
##########
superset/reports/commands/execute.py:
##########
@@ -677,10 +690,10 @@ def __init__(self, task_id: str, model_id: int,
scheduled_dttm: datetime):
def run(self) -> None:
with session_scope(nullpool=True) as session:
try:
- with override_user(_get_user()):
- self.validate(session=session)
- if not self._model:
- raise ReportScheduleExecuteUnexpectedError()
+ self.validate(session=session)
+ if not self._model:
+ raise ReportScheduleExecuteUnexpectedError()
+ with override_user(_get_user(self._model)):
Review Comment:
When executing these reports async, we can't use the DAO here, as that uses
the base filter that checks `g.user` which isn't set yet. Previously the flow
was as follows:
1. Override `g.user` to `THUMBNAIL_SELENIUM_USER`
2. Get the `ReportSchedule` instance in `self.validate()` which checks if
`g.user` has access to all datasources
3. Execute the `ReportSchedule`
In the new flow, we can't set the user in step 1, because we may need to set
`g.user` to whoever created/modified/owns the `ReportSchedule. Therefore, the
new flow looks as follows:
1. Get the `ReportSchedule` in `self.validate()` without the DAO (=ignoring
the base filter)
2. Override `g.user` to whichever user we should be executing as: sometimes
`THUMBNAIL_SELENIUM_USER`, but sometimes the creator/last modifier/owner
3. Execute the `ReportSchedule`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
