Fix sqlglot dependency conflict with superset 4 and fix superset auth/reauth to use only the API

.gitignore

@@ -56,3 +56,5 @@ MANIFEST
 .pyre/
 .pyre_configuration
 .watchmanconfig
+
+backend-sdk

Makefile

@@ -1,12 +1,11 @@
 pyenv: .python-version
 
 .python-version: setup.cfg
-	if [ -z "`pyenv virtualenvs | grep backend-sdk`" ]; then\
-	    pyenv virtualenv backend-sdk;\
-	fi
-	if [ ! -f .python-version ]; then\
-	    pyenv local backend-sdk;\
+	if [ ! -d "backend-sdk" ]; then \
+		pyenv local 3.11; \
+		python -m venv backend-sdk; \
 	fi
+	backend-sdk/bin/activate; \
 	pip install -e '.[testing]'
 	touch .python-version
 

dev-requirements.txt

@@ -67,7 +67,7 @@ rich==12.5.1
 six==1.16.0
 soupsieve==2.3.2.post1
 sqlalchemy==1.4.40
-sqlglot==20.7.1
+sqlglot==25.24.5
 tabulate==0.8.10
 toml==0.10.2
 tomli==2.0.1

requirements.txt

@@ -40,7 +40,7 @@ rich==12.3.0
 six==1.16.0
 soupsieve==2.3.2.post1
 sqlalchemy==1.4.35
-sqlglot==20.7.1
+sqlglot==25.24.5
 tabulate==0.8.9
 typing-extensions==4.2.0
 urllib3==1.26.9

setup.cfg

@@ -52,6 +52,8 @@ package_dir =
 # Version specifiers like >=2.2,<3.0 avoid problems due to API changes in
 # new major versions. This works if the required packages follow Semantic Versioning.
 # For more information, check out https://semver.org/.
+
+# Setting sqlglot to the same version used in the latest superset
 install_requires =
     importlib-metadata; python_version<"3.8"
     Cython>=0.29.26
@@ -71,7 +73,7 @@ install_requires =
     requests>=2.26.0
     rich>=12.3.0
     sqlalchemy>=1.4,<2
-    sqlglot>=19,<23
+    sqlglot==25.24.5
     tabulate>=0.8.9
     typing-extensions>=4.0.1
     yarl>=1.7.2

src/preset_cli/api/clients/superset.py

@@ -424,7 +424,12 @@ def get_resource(self, resource_name: str, resource_id: int) -> Any:
 
         return resource
 
-    def get_resources(self, resource_name: str, **kwargs: Any) -> List[Any]:
+    def get_resources(
+        self,
+        resource_name: str,
+        order_column: str = "changed_on_delta_humanized",
+        **kwargs: Any,
+    ) -> List[Any]:
         """
         Return one or more of a resource, possibly filtered.
         """
@@ -442,7 +447,7 @@ def get_resources(self, resource_name: str, **kwargs: Any) -> List[Any]:
                         dict(col=col, opr=value.operator, value=value.value)
                         for col, value in operations.items()
                     ],
-                    "order_column": "changed_on_delta_humanized",
+                    "order_column": order_column,
                     "order_direction": "desc",
                     "page": page,
                     "page_size": MAX_PAGE_SIZE,
@@ -499,6 +504,15 @@ def update_resource(
 
         return resource
 
+    def delete_resource(self, resource_name: str, resource_id: int):
+        """
+        Delete a resource.
+        """
+        url = self.baseurl / "api/v1" / resource_name / str(resource_id)
+
+        response = self.session.delete(url)
+        validate_response(response)
+
     def get_resource_endpoint_info(self, resource_name: str, **kwargs: Any) -> Any:
         """
         Get resource endpoint info (such as available columns) possibly filtered.
@@ -671,6 +685,18 @@ def get_charts(self, **kwargs: str) -> List[Any]:
         """
         return self.get_resources("chart", **kwargs)
 
+    def update_chart(self, chart_id: int, **kwargs: Any) -> Any:
+        """
+        Update a chart.
+        """
+        return self.update_resource("chart", chart_id, **kwargs)
+
+    def delete_chart(self, chart_id):
+        """
+        delete a chart.
+        """
+        self.delete_resource("chart", chart_id)
+
     def get_dashboard(self, dashboard_id: int) -> Any:
         """
         Return a single dashboard.
@@ -695,6 +721,42 @@ def update_dashboard(self, dashboard_id: int, **kwargs: Any) -> Any:
         """
         return self.update_resource("dashboard", dashboard_id, **kwargs)
 
+    def delete_dashboard(self, dashboard_id: int) -> Any:
+        """
+        Delete a dashboard.
+        """
+        self.delete_resource("dashboard", dashboard_id)
+
+    def get_users(self, **kwargs: str) -> List[Any]:
+        """
+        Return users, possibly filtered.
+        """
+        return self.get_resources("security/users", "id", **kwargs)
+
+    def get_report(self, report_id: int) -> Any:
+        """
+        Return a single report.
+        """
+        return self.get_resource("report", report_id)
+
+    def get_reports(self, **kwargs: str) -> List[Any]:
+        """
+        Return reports, possibly filtered.
+        """
+        return self.get_resources("report", **kwargs)
+
+    def create_report(self, **kwargs: Any) -> Any:
+        """
+        Create a report.
+        """
+        return self.create_resource("report", **kwargs)
+
+    def update_report(self, report_id: int, **kwargs: Any) -> Any:
+        """
+        Update a report.
+        """
+        return self.update_resource("report", report_id, **kwargs)
+
     def export_zip(self, resource_name: str, ids: List[int]) -> BytesIO:
         """
         Export one or more of a resource.
@@ -767,6 +829,8 @@ def import_zip(
         )
         validate_response(response)
 
+        _logger.debug(response.text)
+
         payload = response.json()
 
         return payload["message"] == "OK"

src/preset_cli/auth/main.py

@@ -1,13 +1,15 @@
 """
 Mechanisms for authentication and authorization.
 """
-
+import logging
 from typing import Any, Dict
 
 from requests import Response, Session
 from requests.adapters import HTTPAdapter
 from urllib3.util import Retry
 
+_logger = logging.getLogger(__name__)
+
 
 class Auth:  # pylint: disable=too-few-public-methods
     """
@@ -46,6 +48,8 @@ def reauth(self, r: Response, *args: Any, **kwargs: Any) -> Response:
         if r.status_code != 401:
             return r
 
+        _logger.debug("Token expired. Re-authenticating...")
+
         try:
             self.auth()
         except NotImplementedError:

src/preset_cli/auth/superset.py

@@ -4,7 +4,6 @@
 
 from typing import Dict, Optional
 
-from bs4 import BeautifulSoup
 from yarl import URL
 
 from preset_cli.auth.main import Auth
@@ -16,36 +15,56 @@ class UsernamePasswordAuth(Auth):  # pylint: disable=too-few-public-methods
     Auth to Superset via username/password.
     """
 
-    def __init__(self, baseurl: URL, username: str, password: Optional[str] = None):
+    def __init__(self, baseurl: URL, username: str, password: Optional[str] = None, provider: Optional[str] = None):
         super().__init__()
 
         self.csrf_token: Optional[str] = None
         self.baseurl = baseurl
         self.username = username
         self.password = password
+        self.provider = provider or "ldap"
         self.auth()
 
     def get_headers(self) -> Dict[str, str]:
         return {"X-CSRFToken": self.csrf_token} if self.csrf_token else {}
 
+    def get_access_token(self):
+        """
+        Get an access token from superset API: api/v1/security/login.
+        """
+        body = {
+            "username": self.username,
+            "password": self.password,
+            "provider": self.provider,
+        }
+        if "Referer" in self.session.headers:
+            del self.session.headers["Referer"]
+        response = self.session.post(self.baseurl / "api/v1/security/login", json=body)
+        response.raise_for_status()
+        return response.json()["access_token"]
+
+    def get_csrf_token(self):
+        """
+        Get a CSRF token from superset API: api/v1/security/csrf_token .
+        """
+        response = self.session.get(self.baseurl / "api/v1/security/csrf_token/")
+        response.raise_for_status()
+        return response.json()["result"]
+
     def auth(self) -> None:
         """
         Login to get CSRF token and cookies.
         """
-        data = {"username": self.username, "password": self.password}
+        self.session.headers["Authorization"] = f"Bearer {self.get_access_token()}"
+        csrf_token = self.get_csrf_token()
 
-        response = self.session.get(self.baseurl / "login/")
-        soup = BeautifulSoup(response.text, "html.parser")
-        input_ = soup.find("input", {"id": "csrf_token"})
-        csrf_token = input_["value"] if input_ else None
         if csrf_token:
             self.session.headers["X-CSRFToken"] = csrf_token
-            data["csrf_token"] = csrf_token
+            self.session.headers["Referer"] = str(
+                self.baseurl / "api/v1/security/csrf_token/",
+            )
             self.csrf_token = csrf_token
 
-        # set cookies
-        self.session.post(self.baseurl / "login/", data=data)
-
 
 class SupersetJWTAuth(TokenAuth):  # pylint: disable=abstract-method
     """

src/preset_cli/cli/superset/main.py

@@ -35,6 +35,9 @@
     help="Password (leave empty for prompt)",
 )
 @click.option("--loglevel", default="INFO")
+@click.option("--provider",
+              default="ldap",
+              help="Provider that store the superset credentials (e.g. ldap, db, etc.)")
 @click.version_option()
 @click.pass_context
 def superset_cli(  # pylint: disable=too-many-arguments
@@ -44,6 +47,7 @@ def superset_cli(  # pylint: disable=too-many-arguments
     username: str,
     password: str,
     loglevel: str,
+    provider: str
 ):
     """
     An Apache Superset CLI.
@@ -59,7 +63,7 @@ def superset_cli(  # pylint: disable=too-many-arguments
         if jwt_token:
             ctx.obj["AUTH"] = SupersetJWTAuth(jwt_token, URL(instance))
         else:
-            ctx.obj["AUTH"] = UsernamePasswordAuth(URL(instance), username, password)
+            ctx.obj["AUTH"] = UsernamePasswordAuth(URL(instance), username, password, provider)
 
 
 superset_cli.add_command(sql)