This is an automated email from the ASF dual-hosted git repository. asoare pushed a commit to branch alexandrusoare/refactor/passwords-yaml-config in repository https://gitbox.apache.org/repos/asf/superset.git
commit 68c769857562140d981ff8b327f10a95b2019006 Author: alexandrusoare <[email protected]> AuthorDate: Wed Feb 18 14:48:14 2026 +0200 refactor(passwords): accept passwords via YAML file --- superset/commands/importers/v1/utils.py | 6 +++- superset/static/service-worker.js | 27 --------------- .../databases/importers/v1/command_test.py | 40 ++++++++++++++++++++++ 3 files changed, 45 insertions(+), 28 deletions(-) diff --git a/superset/commands/importers/v1/utils.py b/superset/commands/importers/v1/utils.py index 3aeb586997c..15f9009e6be 100644 --- a/superset/commands/importers/v1/utils.py +++ b/superset/commands/importers/v1/utils.py @@ -149,9 +149,13 @@ def load_configs( try: config = load_yaml(file_name, content) - # populate passwords from the request or from existing DBs + # populate passwords from the request, from YAML config, + # or from existing DBs if file_name in passwords: config["password"] = passwords[file_name] + elif prefix == "databases" and config.get("password"): + # password already in YAML config, keep it + pass elif prefix == "databases" and config["uuid"] in db_passwords: config["password"] = db_passwords[config["uuid"]] diff --git a/superset/static/service-worker.js b/superset/static/service-worker.js deleted file mode 100644 index 43cb14a4894..00000000000 --- a/superset/static/service-worker.js +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -// Minimal service worker for PWA file handling support -self.addEventListener('install', event => { - event.waitUntil(self.skipWaiting()); -}); - -self.addEventListener('activate', event => { - event.waitUntil(self.clients.claim()); -}); diff --git a/tests/unit_tests/commands/databases/importers/v1/command_test.py b/tests/unit_tests/commands/databases/importers/v1/command_test.py index 529b43d7343..bb4228af86f 100644 --- a/tests/unit_tests/commands/databases/importers/v1/command_test.py +++ b/tests/unit_tests/commands/databases/importers/v1/command_test.py @@ -93,3 +93,43 @@ def test_import_mask_password( == "postgresql://user:XXXXXXXXXX@localhost:5432/superset" ) assert database.password == "password" # noqa: S105 + + +def test_import_database_with_password_in_config( + mocker: MockerFixture, + session: Session, +) -> None: + """ + Test that passwords in the YAML config are used when importing databases. + """ + from superset import db, security_manager + from superset.commands.database.importers.v1 import ImportDatabasesCommand + from superset.models.core import Database + + mocker.patch("superset.commands.database.importers.v1.utils.add_permissions") + mocker.patch.object(security_manager, "can_access", return_value=True) + + configs: dict[str, dict[str, Any]] = { + "databases/examples.yaml": { + "database_name": "examples_with_password", + "sqlalchemy_uri": "postgresql://user:XXXXXXXXXX@localhost:5432/superset", + "cache_timeout": None, + "expose_in_sqllab": True, + "allow_run_async": False, + "allow_ctas": False, + "allow_cvas": False, + "extra": {}, + "uuid": "b3dc77af-e654-49bb-b321-40f6b559a1ee", + "version": "1.0.0", + "password": "yaml_password", # Password provided in YAML config + "allow_csv_upload": False, + }, + } + + engine = db.session.get_bind() + Database.metadata.create_all(engine) # pylint: disable=no-member + + ImportDatabasesCommand._import(configs) + uuid = configs["databases/examples.yaml"]["uuid"] + database = db.session.query(Database).filter_by(uuid=uuid).one() + assert database.password == "yaml_password" # noqa: S105
