feat: enable user impersonation in GSheets (apache#14767)

CybercentreCanada · Dec 17, 2021 · 9e14e3d · 9e14e3d
1 parent ac78861
commit 9e14e3d
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 2 deletions.
diff --git a/setup.py b/setup.py
@@ -134,7 +134,7 @@ def get_git_sha():
         "exasol": ["sqlalchemy-exasol>=2.1.0, <2.2"],
         "excel": ["xlrd>=1.2.0, <1.3"],
         "firebird": ["sqlalchemy-firebird>=0.7.0, <0.8"],
-        "gsheets": ["shillelagh[gsheetsapi]>=0.2, <0.3"],
+        "gsheets": ["shillelagh[gsheetsapi]>=0.5, <0.6"],
         "hana": ["hdbcli==2.4.162", "sqlalchemy_hana==0.4.0"],
         "hive": ["pyhive[hive]>=0.6.1", "tableschema", "thrift>=0.11.0, <1.0.0"],
         "impala": ["impyla>0.16.2, <0.17"],

diff --git a/superset-frontend/src/views/CRUD/data/database/DatabaseModal/ExtraOptions.tsx b/superset-frontend/src/views/CRUD/data/database/DatabaseModal/ExtraOptions.tsx
@@ -291,7 +291,9 @@ const ExtraOptions = ({
               indeterminate={false}
               checked={!!db?.impersonate_user}
               onChange={onInputChange}
-              labelText={t('Impersonate Logged In User (Presto & Hive)')}
+              labelText={t(
+                'Impersonate Logged In User (Presto, Hive, and GSheets)',
+              )}
             />
             <InfoTooltip
               tooltip={t(

diff --git a/superset/db_engine_specs/gsheets.py b/superset/db_engine_specs/gsheets.py
@@ -14,6 +14,11 @@
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
+from typing import Optional
+
+from sqlalchemy.engine.url import URL
+
+from superset import security_manager
 from superset.db_engine_specs.sqlite import SqliteEngineSpec
 
 
@@ -24,3 +29,12 @@ class GSheetsEngineSpec(SqliteEngineSpec):
     engine_name = "Google Sheets"
     allows_joins = False
     allows_subqueries = True
+
+    @classmethod
+    def modify_url_for_impersonation(
+        cls, url: URL, impersonate_user: bool, username: Optional[str]
+    ) -> None:
+        if impersonate_user and username is not None:
+            user = security_manager.find_user(username=username)
+            if user and user.email:
+                url.query["subject"] = user.email