From d86962b4e3be673fe8f6eeafd6ca3dde7362c8d1 Mon Sep 17 00:00:00 2001 From: Allen Short Date: Wed, 28 Dec 2016 14:07:38 -0600 Subject: [PATCH 1/2] Commit DB transaction when needed --- redash/handlers/alerts.py | 2 +- redash/handlers/dashboards.py | 2 +- redash/handlers/data_sources.py | 6 ++---- redash/handlers/destinations.py | 4 ++-- redash/handlers/embed.py | 4 +++- redash/handlers/events.py | 3 ++- redash/handlers/groups.py | 18 +++++++----------- redash/handlers/permissions.py | 4 ++-- redash/handlers/queries.py | 8 ++++---- redash/handlers/query_results.py | 1 - redash/handlers/query_snippets.py | 2 +- redash/handlers/users.py | 17 ++++++++--------- redash/handlers/widgets.py | 7 +++---- redash/tasks/general.py | 1 + 14 files changed, 37 insertions(+), 42 deletions(-) diff --git a/redash/handlers/alerts.py b/redash/handlers/alerts.py index 34c7826c..3a8d4be0 100644 --- a/redash/handlers/alerts.py +++ b/redash/handlers/alerts.py @@ -28,7 +28,7 @@ class AlertResource(BaseResource): 'object_id': alert.id, 'object_type': 'alert' }) - + models.db.session.commit() return alert.to_dict() def delete(self, alert_id): diff --git a/redash/handlers/dashboards.py b/redash/handlers/dashboards.py index 5f90d23a..468160ee 100644 --- a/redash/handlers/dashboards.py +++ b/redash/handlers/dashboards.py @@ -123,7 +123,7 @@ class DashboardShareResource(BaseResource): 'object_id': dashboard.id, 'object_type': 'dashboard', }) - + models.db.session.commit() return {'public_url': public_url, 'api_key': api_key.api_key} def delete(self, dashboard_id): diff --git a/redash/handlers/data_sources.py b/redash/handlers/data_sources.py index d4020a50..6ceac2e8 100644 --- a/redash/handlers/data_sources.py +++ b/redash/handlers/data_sources.py @@ -128,14 +128,13 @@ class DataSourcePauseResource(BaseResource): data_source.pause(reason) models.db.session.add(data_source) - models.db.session.commit() self.record_event({ 'action': 'pause', 'object_id': data_source.id, 'object_type': 'datasource' }) - + models.db.session.commit() return data_source.to_dict() @require_admin @@ -143,14 +142,13 @@ class DataSourcePauseResource(BaseResource): data_source = get_object_or_404(models.DataSource.get_by_id_and_org, data_source_id, self.current_org) data_source.resume() models.db.session.add(data_source) - models.db.session.commit() self.record_event({ 'action': 'resume', 'object_id': data_source.id, 'object_type': 'datasource' }) - + models.db.session.commit() return data_source.to_dict() diff --git a/redash/handlers/destinations.py b/redash/handlers/destinations.py index 6213626b..39688c54 100644 --- a/redash/handlers/destinations.py +++ b/redash/handlers/destinations.py @@ -39,7 +39,7 @@ class DestinationResource(BaseResource): destination.name = req['name'] models.db.session.add(destination) - + models.db.session.commit() return destination.to_dict(all=True) @require_admin @@ -88,5 +88,5 @@ class DestinationListResource(BaseResource): user=self.current_user) models.db.session.add(destination) - + models.db.session.commit() return destination.to_dict(all=True) diff --git a/redash/handlers/embed.py b/redash/handlers/embed.py index 47731b97..db877868 100644 --- a/redash/handlers/embed.py +++ b/redash/handlers/embed.py @@ -57,6 +57,7 @@ def run_query_sync(data_source, parameter_values, query_text, max_age=0): query_hash, query_text, data, run_time, utils.utcnow()) + models.db.session.commit() return data except Exception, e: if max_age > 0: @@ -79,6 +80,7 @@ def embed(query_id, visualization_id, org_slug=None): }) full_path = safe_join(settings.STATIC_ASSETS_PATHS[-2], 'index.html') + models.db.session.commit() return send_file(full_path, **dict(cache_timeout=0, conditional=True)) @@ -94,6 +96,6 @@ def public_dashboard(token, org_slug=None): # 'headless': 'embed' in request.args, # 'referer': request.headers.get('Referer') # }) - + # models.db.session.commit() full_path = safe_join(settings.STATIC_ASSETS_PATHS[-2], 'index.html') return send_file(full_path, **dict(cache_timeout=0, conditional=True)) diff --git a/redash/handlers/events.py b/redash/handlers/events.py index b9a0862f..cc411ecc 100644 --- a/redash/handlers/events.py +++ b/redash/handlers/events.py @@ -1,6 +1,7 @@ from flask import request from redash.handlers.base import BaseResource +from redash.models import db class EventResource(BaseResource): @@ -8,5 +9,5 @@ class EventResource(BaseResource): events_list = request.get_json(force=True) for event in events_list: self.record_event(event) - + db.session.commit() diff --git a/redash/handlers/groups.py b/redash/handlers/groups.py index a10435d6..9af44c18 100644 --- a/redash/handlers/groups.py +++ b/redash/handlers/groups.py @@ -20,7 +20,7 @@ class GroupListResource(BaseResource): 'object_id': group.id, 'object_type': 'group' }) - + models.db.session.commit() return group.to_dict() def get(self): @@ -49,7 +49,7 @@ class GroupResource(BaseResource): 'object_id': group.id, 'object_type': 'group' }) - + models.db.session.commit() return group.to_dict() def get(self, group_id): @@ -78,8 +78,6 @@ class GroupMemberListResource(BaseResource): group = models.Group.get_by_id_and_org(group_id, self.current_org) user.group_ids.append(group.id) - models.db.session.commit() - self.record_event({ 'action': 'add_member', 'timestamp': int(time.time()), @@ -87,7 +85,7 @@ class GroupMemberListResource(BaseResource): 'object_type': 'group', 'member_id': user.id }) - + models.db.session.commit() return user.to_dict() @require_permission('list_users') @@ -105,8 +103,6 @@ class GroupMemberResource(BaseResource): user = models.User.get_by_id_and_org(user_id, self.current_org) user.group_ids.remove(int(group_id)) - models.db.session.commit() - self.record_event({ 'action': 'remove_member', 'timestamp': int(time.time()), @@ -114,6 +110,7 @@ class GroupMemberResource(BaseResource): 'object_type': 'group', 'member_id': user.id }) + models.db.session.commit() def serialize_data_source_with_group(data_source, data_source_group): @@ -131,7 +128,6 @@ class GroupDataSourceListResource(BaseResource): data_source_group = data_source.add_group(group) - models.db.session.commit() self.record_event({ 'action': 'add_data_source', @@ -140,7 +136,7 @@ class GroupDataSourceListResource(BaseResource): 'object_type': 'group', 'member_id': data_source.id }) - + models.db.session.commit() return serialize_data_source_with_group(data_source, data_source_group) @require_admin @@ -165,8 +161,6 @@ class GroupDataSourceResource(BaseResource): data_source_group = data_source.update_group_permission(group, view_only) - models.db.session.commit() - self.record_event({ 'action': 'change_data_source_permission', 'timestamp': int(time.time()), @@ -175,6 +169,7 @@ class GroupDataSourceResource(BaseResource): 'member_id': data_source.id, 'view_only': view_only }) + models.db.session.commit() return serialize_data_source_with_group(data_source, data_source_group) @@ -192,3 +187,4 @@ class GroupDataSourceResource(BaseResource): 'object_type': 'group', 'member_id': data_source.id }) + models.db.session.commit() diff --git a/redash/handlers/permissions.py b/redash/handlers/permissions.py index d2744622..89f8971d 100644 --- a/redash/handlers/permissions.py +++ b/redash/handlers/permissions.py @@ -60,10 +60,10 @@ class ObjectPermissionsListResource(BaseResource): 'action': 'grant_permission', 'object_id': object_id, 'object_type': object_type, + 'grantee': grantee.id, 'access_type': access_type, - 'grantee': grantee.id }) - + db.session.commit() return permission.to_dict() def delete(self, object_type, object_id): diff --git a/redash/handlers/queries.py b/redash/handlers/queries.py index 426a4602..49871765 100644 --- a/redash/handlers/queries.py +++ b/redash/handlers/queries.py @@ -65,14 +65,13 @@ class QueryListResource(BaseResource): query_def['is_draft'] = True query = models.Query.create(**query_def) models.db.session.add(query) - models.db.session.commit() self.record_event({ 'action': 'create', 'object_id': query.id, 'object_type': 'query' }) - + models.db.session.commit() return query.to_dict() @require_permission('view_query') @@ -121,8 +120,7 @@ class QueryResource(BaseResource): except StaleDataError: abort(409) - result = query.to_dict(with_visualizations=True) - return result + return query.to_dict(with_visualizations=True) @require_permission('view_query') def get(self, query_id): @@ -138,6 +136,7 @@ class QueryResource(BaseResource): query = get_object_or_404(models.Query.get_by_id_and_org, query_id, self.current_org) require_admin_or_owner(query.user_id) query.archive(self.current_user) + models.db.session.commit() class QueryForkResource(BaseResource): @@ -145,6 +144,7 @@ class QueryForkResource(BaseResource): def post(self, query_id): query = get_object_or_404(models.Query.get_by_id_and_org, query_id, self.current_org) forked_query = query.fork(self.current_user) + models.db.session.commit() return forked_query.to_dict(with_visualizations=True) diff --git a/redash/handlers/query_results.py b/redash/handlers/query_results.py index 015dc240..d7ca759d 100644 --- a/redash/handlers/query_results.py +++ b/redash/handlers/query_results.py @@ -71,7 +71,6 @@ class QueryResultListResource(BaseResource): 'object_type': 'data_source', 'query': query }) - return run_query(data_source, parameter_values, query, query_id, max_age) diff --git a/redash/handlers/query_snippets.py b/redash/handlers/query_snippets.py index 1ab9f0fd..589e7efb 100644 --- a/redash/handlers/query_snippets.py +++ b/redash/handlers/query_snippets.py @@ -35,13 +35,13 @@ class QuerySnippetResource(BaseResource): snippet_id, self.current_org) require_admin_or_owner(snippet.user.id) models.db.session.delete(snippet) - models.db.session.commit() self.record_event({ 'action': 'delete', 'object_id': snippet.id, 'object_type': 'query_snippet' }) + models.db.session.commit() class QuerySnippetListResource(BaseResource): diff --git a/redash/handlers/users.py b/redash/handlers/users.py index d25b6cd8..d020e3bb 100644 --- a/redash/handlers/users.py +++ b/redash/handlers/users.py @@ -108,9 +108,16 @@ class UserResource(BaseResource): if 'groups' in params and not self.current_user.has_permission('admin'): abort(403, message="Must be admin to change groups membership.") + self.record_event({ + 'action': 'edit', + 'timestamp': int(time.time()), + 'object_id': user.id, + 'object_type': 'user', + 'updated_fields': params.keys() + }) try: self.update_model(user, params) - # TODO: this won't be triggered at this point. Need to call db.session.commit? + models.db.session.commit() except IntegrityError as e: if "email" in e.message: message = "Email already taken." @@ -119,14 +126,6 @@ class UserResource(BaseResource): abort(400, message=message) - self.record_event({ - 'action': 'edit', - 'timestamp': int(time.time()), - 'object_id': user.id, - 'object_type': 'user', - 'updated_fields': params.keys() - }) - return user.to_dict(with_api_key=is_admin_or_owner(user_id)) diff --git a/redash/handlers/widgets.py b/redash/handlers/widgets.py index 06d334a8..545c0039 100644 --- a/redash/handlers/widgets.py +++ b/redash/handlers/widgets.py @@ -49,7 +49,7 @@ class WidgetListResource(BaseResource): widget.dashboard.layout = json.dumps(layout) models.db.session.add(widget.dashboard) - + models.db.session.commit() return {'widget': widget.to_dict(), 'layout': layout, 'new_row': new_row, 'version': dashboard.version} @@ -61,14 +61,13 @@ class WidgetResource(BaseResource): require_object_modify_permission(widget.dashboard, self.current_user) widget_properties = request.get_json(force=True) widget.text = widget_properties['text'] - + models.db.session.commit() return widget.to_dict() @require_permission('edit_dashboard') def delete(self, widget_id): widget = models.Widget.get_by_id_and_org(widget_id, self.current_org) require_object_modify_permission(widget.dashboard, self.current_user) - widget.delete() - + models.db.session.commit() return {'layout': widget.dashboard.layout, 'version': widget.dashboard.version} diff --git a/redash/tasks/general.py b/redash/tasks/general.py index a2af50e1..6ee35f54 100644 --- a/redash/tasks/general.py +++ b/redash/tasks/general.py @@ -13,6 +13,7 @@ logger = get_task_logger(__name__) def record_event(event): original_event = event.copy() models.Event.record(event) + models.db.session.commit() for hook in settings.EVENT_REPORTING_WEBHOOKS: logger.debug("Forwarding event to: %s", hook) try: From 1fae6017bd0c4aea1f27a1e6f5a4cbf5cefdd94d Mon Sep 17 00:00:00 2001 From: Arik Fraimovich Date: Mon, 2 Jan 2017 16:06:53 +0200 Subject: [PATCH 2/2] Change order of db.commit and event logging --- redash/handlers/alerts.py | 15 +++++++++------ redash/handlers/dashboards.py | 7 ++++--- redash/handlers/data_sources.py | 4 ---- redash/handlers/destinations.py | 4 ++-- redash/handlers/events.py | 2 -- redash/handlers/groups.py | 17 +++++++++-------- redash/handlers/permissions.py | 6 ++++-- redash/handlers/queries.py | 3 ++- redash/handlers/query_snippets.py | 7 ++++--- redash/handlers/users.py | 15 ++++++++------- 10 files changed, 42 insertions(+), 38 deletions(-) diff --git a/redash/handlers/alerts.py b/redash/handlers/alerts.py index 3a8d4be0..e6712dba 100644 --- a/redash/handlers/alerts.py +++ b/redash/handlers/alerts.py @@ -21,6 +21,7 @@ class AlertResource(BaseResource): require_admin_or_owner(alert.user.id) self.update_model(alert, params) + models.db.session.commit() self.record_event({ 'action': 'edit', @@ -28,7 +29,7 @@ class AlertResource(BaseResource): 'object_id': alert.id, 'object_type': 'alert' }) - models.db.session.commit() + return alert.to_dict() def delete(self, alert_id): @@ -57,6 +58,8 @@ class AlertListResource(BaseResource): models.db.session.add(alert) models.db.session.flush() + models.db.session.commit() + self.record_event({ 'action': 'create', 'timestamp': int(time.time()), @@ -64,9 +67,7 @@ class AlertListResource(BaseResource): 'object_type': 'alert' }) - a = alert.to_dict() - models.db.session.commit() - return a + return alert.to_dict() @require_permission('list_alerts') def get(self): @@ -87,6 +88,8 @@ class AlertSubscriptionListResource(BaseResource): subscription = models.AlertSubscription(**kwargs) models.db.session.add(subscription) + models.db.session.commit() + self.record_event({ 'action': 'subscribe', 'timestamp': int(time.time()), @@ -96,7 +99,6 @@ class AlertSubscriptionListResource(BaseResource): }) d = subscription.to_dict() - models.db.session.commit() return d def get(self, alert_id): @@ -113,10 +115,11 @@ class AlertSubscriptionResource(BaseResource): subscription = models.AlertSubscription.query.get_or_404(subscriber_id) require_admin_or_owner(subscription.user.id) models.db.session.delete(subscription) + models.db.session.commit() + self.record_event({ 'action': 'unsubscribe', 'timestamp': int(time.time()), 'object_id': alert_id, 'object_type': 'alert' }) - models.db.session.commit() diff --git a/redash/handlers/dashboards.py b/redash/handlers/dashboards.py index 468160ee..e29b81a7 100644 --- a/redash/handlers/dashboards.py +++ b/redash/handlers/dashboards.py @@ -66,7 +66,6 @@ class DashboardResource(BaseResource): require_object_modify_permission(dashboard, self.current_user) - updates = project(dashboard_properties, ('name', 'layout', 'version', 'is_draft')) @@ -116,6 +115,8 @@ class DashboardShareResource(BaseResource): require_admin_or_owner(dashboard.user_id) api_key = models.ApiKey.create_for_object(dashboard, self.current_user) models.db.session.flush() + models.db.session.commit() + public_url = url_for('redash.public_dashboard', token=api_key.api_key, org_slug=self.current_org.slug, _external=True) self.record_event({ @@ -123,7 +124,7 @@ class DashboardShareResource(BaseResource): 'object_id': dashboard.id, 'object_type': 'dashboard', }) - models.db.session.commit() + return {'public_url': public_url, 'api_key': api_key.api_key} def delete(self, dashboard_id): @@ -134,10 +135,10 @@ class DashboardShareResource(BaseResource): if api_key: api_key.active = False models.db.session.add(api_key) + models.db.session.commit() self.record_event({ 'action': 'deactivate_api_key', 'object_id': dashboard.id, 'object_type': 'dashboard', }) - models.db.session.commit() diff --git a/redash/handlers/data_sources.py b/redash/handlers/data_sources.py index 6ceac2e8..ebf19d9f 100644 --- a/redash/handlers/data_sources.py +++ b/redash/handlers/data_sources.py @@ -127,28 +127,24 @@ class DataSourcePauseResource(BaseResource): reason = request.args.get('reason') data_source.pause(reason) - models.db.session.add(data_source) self.record_event({ 'action': 'pause', 'object_id': data_source.id, 'object_type': 'datasource' }) - models.db.session.commit() return data_source.to_dict() @require_admin def delete(self, data_source_id): data_source = get_object_or_404(models.DataSource.get_by_id_and_org, data_source_id, self.current_org) data_source.resume() - models.db.session.add(data_source) self.record_event({ 'action': 'resume', 'object_id': data_source.id, 'object_type': 'datasource' }) - models.db.session.commit() return data_source.to_dict() diff --git a/redash/handlers/destinations.py b/redash/handlers/destinations.py index 39688c54..aac05637 100644 --- a/redash/handlers/destinations.py +++ b/redash/handlers/destinations.py @@ -32,14 +32,14 @@ class DestinationResource(BaseResource): try: destination.options.set_schema(schema) destination.options.update(req['options']) + models.db.session.add(destination) + models.db.session.commit() except ValidationError: abort(400) destination.type = req['type'] destination.name = req['name'] - models.db.session.add(destination) - models.db.session.commit() return destination.to_dict(all=True) @require_admin diff --git a/redash/handlers/events.py b/redash/handlers/events.py index cc411ecc..83988c1a 100644 --- a/redash/handlers/events.py +++ b/redash/handlers/events.py @@ -1,7 +1,6 @@ from flask import request from redash.handlers.base import BaseResource -from redash.models import db class EventResource(BaseResource): @@ -9,5 +8,4 @@ class EventResource(BaseResource): events_list = request.get_json(force=True) for event in events_list: self.record_event(event) - db.session.commit() diff --git a/redash/handlers/groups.py b/redash/handlers/groups.py index 9af44c18..929f7615 100644 --- a/redash/handlers/groups.py +++ b/redash/handlers/groups.py @@ -20,7 +20,7 @@ class GroupListResource(BaseResource): 'object_id': group.id, 'object_type': 'group' }) - models.db.session.commit() + return group.to_dict() def get(self): @@ -42,6 +42,7 @@ class GroupResource(BaseResource): abort(400, message="Can't modify built-in groups.") group.name = request.json['name'] + models.db.session.commit() self.record_event({ 'action': 'edit', @@ -49,7 +50,7 @@ class GroupResource(BaseResource): 'object_id': group.id, 'object_type': 'group' }) - models.db.session.commit() + return group.to_dict() def get(self, group_id): @@ -77,6 +78,7 @@ class GroupMemberListResource(BaseResource): user = models.User.get_by_id_and_org(user_id, self.current_org) group = models.Group.get_by_id_and_org(group_id, self.current_org) user.group_ids.append(group.id) + models.db.session.commit() self.record_event({ 'action': 'add_member', @@ -85,7 +87,6 @@ class GroupMemberListResource(BaseResource): 'object_type': 'group', 'member_id': user.id }) - models.db.session.commit() return user.to_dict() @require_permission('list_users') @@ -102,6 +103,7 @@ class GroupMemberResource(BaseResource): def delete(self, group_id, user_id): user = models.User.get_by_id_and_org(user_id, self.current_org) user.group_ids.remove(int(group_id)) + models.db.session.commit() self.record_event({ 'action': 'remove_member', @@ -110,7 +112,6 @@ class GroupMemberResource(BaseResource): 'object_type': 'group', 'member_id': user.id }) - models.db.session.commit() def serialize_data_source_with_group(data_source, data_source_group): @@ -127,7 +128,7 @@ class GroupDataSourceListResource(BaseResource): group = models.Group.get_by_id_and_org(group_id, self.current_org) data_source_group = data_source.add_group(group) - + models.db.session.commit() self.record_event({ 'action': 'add_data_source', @@ -136,7 +137,7 @@ class GroupDataSourceListResource(BaseResource): 'object_type': 'group', 'member_id': data_source.id }) - models.db.session.commit() + return serialize_data_source_with_group(data_source, data_source_group) @require_admin @@ -160,6 +161,7 @@ class GroupDataSourceResource(BaseResource): view_only = request.json['view_only'] data_source_group = data_source.update_group_permission(group, view_only) + models.db.session.commit() self.record_event({ 'action': 'change_data_source_permission', @@ -169,7 +171,6 @@ class GroupDataSourceResource(BaseResource): 'member_id': data_source.id, 'view_only': view_only }) - models.db.session.commit() return serialize_data_source_with_group(data_source, data_source_group) @@ -179,6 +180,7 @@ class GroupDataSourceResource(BaseResource): group = models.Group.get_by_id_and_org(group_id, self.current_org) data_source.remove_group(group) + models.db.session.commit() self.record_event({ 'action': 'remove_data_source', @@ -187,4 +189,3 @@ class GroupDataSourceResource(BaseResource): 'object_type': 'group', 'member_id': data_source.id }) - models.db.session.commit() diff --git a/redash/handlers/permissions.py b/redash/handlers/permissions.py index 89f8971d..142946b6 100644 --- a/redash/handlers/permissions.py +++ b/redash/handlers/permissions.py @@ -55,6 +55,7 @@ class ObjectPermissionsListResource(BaseResource): abort(400, message='User not found.') permission = AccessPermission.grant(obj, access_type, grantee, self.current_user) + db.session.commit() self.record_event({ 'action': 'grant_permission', @@ -63,7 +64,7 @@ class ObjectPermissionsListResource(BaseResource): 'grantee': grantee.id, 'access_type': access_type, }) - db.session.commit() + return permission.to_dict() def delete(self, object_type, object_id): @@ -80,7 +81,9 @@ class ObjectPermissionsListResource(BaseResource): grantee = User.query.get(req['user_id']) if grantee is None: abort(400, message='User not found.') + AccessPermission.revoke(obj, grantee, access_type) + db.session.commit() self.record_event({ 'action': 'revoke_permission', @@ -89,7 +92,6 @@ class ObjectPermissionsListResource(BaseResource): 'access_type': access_type, 'grantee_id': grantee_id }) - db.session.commit() class CheckPermissionResource(BaseResource): diff --git a/redash/handlers/queries.py b/redash/handlers/queries.py index 49871765..69410273 100644 --- a/redash/handlers/queries.py +++ b/redash/handlers/queries.py @@ -65,13 +65,14 @@ class QueryListResource(BaseResource): query_def['is_draft'] = True query = models.Query.create(**query_def) models.db.session.add(query) + models.db.session.commit() self.record_event({ 'action': 'create', 'object_id': query.id, 'object_type': 'query' }) - models.db.session.commit() + return query.to_dict() @require_permission('view_query') diff --git a/redash/handlers/query_snippets.py b/redash/handlers/query_snippets.py index 589e7efb..fc748657 100644 --- a/redash/handlers/query_snippets.py +++ b/redash/handlers/query_snippets.py @@ -21,13 +21,13 @@ class QuerySnippetResource(BaseResource): require_admin_or_owner(snippet.user.id) self.update_model(snippet, params) + models.db.session.commit() self.record_event({ 'action': 'edit', 'object_id': snippet.id, 'object_type': 'query_snippet' }) - models.db.session.commit() return snippet.to_dict() def delete(self, snippet_id): @@ -35,13 +35,13 @@ class QuerySnippetResource(BaseResource): snippet_id, self.current_org) require_admin_or_owner(snippet.user.id) models.db.session.delete(snippet) + models.db.session.commit() self.record_event({ 'action': 'delete', 'object_id': snippet.id, 'object_type': 'query_snippet' }) - models.db.session.commit() class QuerySnippetListResource(BaseResource): @@ -58,13 +58,14 @@ class QuerySnippetListResource(BaseResource): ) models.db.session.add(snippet) + models.db.session.commit() self.record_event({ 'action': 'create', 'object_id': snippet.id, 'object_type': 'query_snippet' }) - models.db.session.commit() + return snippet.to_dict() def get(self): diff --git a/redash/handlers/users.py b/redash/handlers/users.py index d020e3bb..06ed23f7 100644 --- a/redash/handlers/users.py +++ b/redash/handlers/users.py @@ -108,13 +108,6 @@ class UserResource(BaseResource): if 'groups' in params and not self.current_user.has_permission('admin'): abort(403, message="Must be admin to change groups membership.") - self.record_event({ - 'action': 'edit', - 'timestamp': int(time.time()), - 'object_id': user.id, - 'object_type': 'user', - 'updated_fields': params.keys() - }) try: self.update_model(user, params) models.db.session.commit() @@ -126,6 +119,14 @@ class UserResource(BaseResource): abort(400, message=message) + self.record_event({ + 'action': 'edit', + 'timestamp': int(time.time()), + 'object_id': user.id, + 'object_type': 'user', + 'updated_fields': params.keys() + }) + return user.to_dict(with_api_key=is_admin_or_owner(user_id))