Commit Graph

52 Commits

Author SHA1 Message Date
Allen Short
f00d77dec4 auth tests wip 2016-12-07 02:13:20 -06:00
Arik Fraimovich
a874d88667 Fix tests & update CircleCI configuration 2016-11-26 11:35:21 +02:00
Arik Fraimovich
971f961bcd Merge pull request #1353 from washort/draft-toggle
Change: make draft status for queries and dashboards toggleable
2016-11-22 23:38:33 +02:00
Antoine Augusti
9118464970 Rate limit the login page 2016-11-20 12:44:43 +01:00
Allen Short
65a6385380 Make draft status for queries and dashboards toggleable. 2016-11-02 12:31:33 -05:00
Arik Fraimovich
6c5dd09a78 Add change tracking and fix tests 2016-10-26 16:09:55 +03:00
Arik Fraimovich
df17759ab4 Fix tests 2016-10-26 11:47:40 +03:00
Arik Fraimovich
6218421266 Tests for the permissions API (and rewrite) 2016-10-26 10:52:24 +03:00
Arik Fraimovich
f34471ec10 Return 409 when dashboard can't be updated due to conflict 2016-10-25 11:58:43 +03:00
Arik Fraimovich
40cc592591 Make sure error are logged in tests 2016-10-25 11:58:25 +03:00
Arik Fraimovich
bb96702ae6 Update dashboard testS 2016-10-25 10:45:00 +03:00
Arik Fraimovich
8b091129ed Use new helper for dashboards API 2016-10-24 21:33:49 +03:00
Arik Fraimovich
edea6f3a05 WIP:
- Move version/change tracking logic to mixins (the change mixin is still WIP).
- Tests for queries update API.
2016-10-24 16:58:30 +03:00
Arik Fraimovich
c51477ac93 Add tests outline 2016-10-24 13:56:39 +03:00
Arik Fraimovich
9f3bbfee13 Renames 2016-10-24 13:56:31 +03:00
Arik Fraimovich
7ba5a2062a Remove unused method 2016-10-24 13:37:32 +03:00
Waldemar Hummer
60a79cbe08 address code review comments 2016-10-24 12:33:29 +03:00
Waldemar Hummer
e0672f4c4d add optimistic locking for dashboard editing 2016-10-24 12:33:29 +03:00
Waldemar Hummer
903ba0c1e0 add backend API and tests for managing access permissions. 2016-10-24 12:33:29 +03:00
Arik Fraimovich
5096e4ed79 Change: paginate query page & add explicit urls.
- Paginate the queries API result.
- Split the API to /api/queries (all queries) and /api/queries/my which returns
  a user's queries (or drafts).
- In the interface have explicit URLs for all queries (/queries), my queries (/queries/my)
  and drafts (/queries/drafts).
2016-10-05 14:14:26 +03:00
Arik Fraimovich
d4bfbc2c57 Fix: Excel file generation fails when row missing column value. 2016-07-11 11:51:55 +03:00
Arik Fraimovich
f21276ec06 Merge pull request #1119 from getredash/feature/params_ui
Feature: add UI to delete alerts
2016-06-14 12:00:53 +03:00
Arik Fraimovich
2d2fb69b7b Add API to delete alerts (#731). 2016-06-14 11:21:05 +03:00
Arik Fraimovich
df637e3f6b Merge pull request #1116 from getredash/feature/params_ui
Return meaningful error when there is no cached result.
2016-06-14 10:44:24 +03:00
Arik Fraimovich
68465b0c60 Return meaningful error when there is no cached result.
Previously it was crashing as it was trying to access an unreferenced
variables (query_result).
2016-06-14 10:41:01 +03:00
Arik Fraimovich
52558043ee Merge pull request #1091 from whummer/feature/cache_embeds
Add caching for queries used in embeds
2016-06-14 08:34:13 +03:00
Waldemar Hummer
011ca74338 add caching for queries used in embeds 2016-06-03 09:14:59 +10:00
Arik Fraimovich
434615a1be Merge remote-tracking branch 'origin/master' into flexible_notifications 2016-06-02 10:21:52 +03:00
Arik Fraimovich
59f8af2c44 Switch to Redis for pause state storage 2016-05-30 22:44:09 +03:00
Arik Fraimovich
9538ee7c31 Feature: API to pause a data source 2016-05-30 18:30:05 +03:00
Arik Fraimovich
e069374232 Merge w/ latest master 2016-05-07 17:49:49 +03:00
Waldemar Hummer
e415189017 add test case for embeds with parameters; minor fix in embeds.py 2016-05-05 11:15:49 +10:00
Arik Fraimovich
0bb722df5d Make sure data sources ordered by id 2016-05-04 12:03:47 +03:00
Alex DeBrie
a3c0917d85 Fix AlertSubscription unsubscribe permissions and broken tests 2016-03-23 20:49:20 +00:00
Alex DeBrie
a43761da39 Require destination_id in POSTs that create a subscription 2016-03-23 20:47:50 +00:00
Arik Fraimovich
7a943f62b3 Password reset & invite links functionality. 2016-03-14 18:33:17 +02:00
Arik Fraimovich
b183651e04 Verify user has access to visualization before creating widget 2016-03-10 11:42:04 +02:00
Arik Fraimovich
fad8f2b7be UI for controlling access to dashboard 2016-03-10 11:28:39 +02:00
Arik Fraimovich
298db14bc1 API to create api key for dashboards 2016-03-10 10:09:26 +02:00
Arik Fraimovich
6bc3970ad5 Make sure user has access to data source when loading query result 2016-03-09 15:15:03 +02:00
Arik Fraimovich
b92fbb489b Fix call to authenticate_request 2016-03-09 13:41:33 +02:00
Arik Fraimovich
52ad1f1ba1 Public dasboards feature. 2016-03-09 13:38:02 +02:00
Jeff Widman
c198d22691 Format files to end in a single newline per PEP 8 2016-02-29 12:00:03 -08:00
Arik Fraimovich
ed99b8452c Encapsulate data source/query runner configuration in an object.
This is a step towards adding more complex logic in configuration
handling, like encryption of secrets.
2016-02-23 15:02:49 +02:00
Arik Fraimovich
c12b059d10 Add API to trigger query refresh and support for parameters. 2016-02-22 10:40:46 +02:00
Arik Fraimovich
505166455d Fix: show each data source only once 2016-01-19 18:26:51 +02:00
Arik Fraimovich
c1da2579a3 Test for embed handler 2016-01-16 21:25:19 +02:00
Arik Fraimovich
7c6b95e71d Change multi-org implementation:
To avoid complications with how Google Auth works, when enabling organization
multi-tenancy on a single instance, each organization becomes a "sub folder"
instead of a sub-domain.
2016-01-04 00:03:49 +02:00
Arik Fraimovich
f7b57fa580 Feature: new permissions system
This is one huge change for the permissions system and related:

* (Backward incompatible:) Remove the table based permissions in favour of the new model.
* Manage permission to view or query datasources based on groups.
* Add the concept of Organization. It's irrelevant for most deployments, but allows for
  multi-tenant support in re:dash.
* Replace ActivityLog with Event based rows (old data in activity_log table is retained).
* Enforce permissions on the server-side. There were some permissions that were only enforced
  on the client side. This is no more. All permissions are enforced by the server.
* Added new permission: 'super-admin' to access the status and Flask-Admin interface.
* Make sure that html is never cached by the browser - this is to make sure that the browser
  will always ask for the new Javascript/CSS resources (if such are available).
2015-12-31 10:43:33 +02:00
Arik Fraimovich
799ce3e718 Fix: don't cache /results API endpoint 2015-10-16 23:11:19 +03:00