From 37753cbdc25a9517a0ae442e9252aec8830bb115 Mon Sep 17 00:00:00 2001
From: Geido <60598000+geido@users.noreply.github.com>
Date: Fri, 14 Jun 2024 19:48:47 +0200
Subject: [PATCH] fix: Catalog with restricted permissions produces an error
 during database connection (#29257)

---
 .gitignore                           |  1 +
 superset/commands/database/create.py | 41 ++++++++++++++++++----------
 2 files changed, 28 insertions(+), 14 deletions(-)

diff --git a/.gitignore b/.gitignore
index 87aac852347ff..6daa883720984 100644
--- a/.gitignore
+++ b/.gitignore
@@ -116,3 +116,4 @@ docker/requirements-local.txt
 
 cache/
 docker/*local*
+.temp_cache
diff --git a/superset/commands/database/create.py b/superset/commands/database/create.py
index 811c2b205eb94..e66e1110c8dff 100644
--- a/superset/commands/database/create.py
+++ b/superset/commands/database/create.py
@@ -40,6 +40,7 @@
 from superset.commands.database.test_connection import TestConnectionDatabaseCommand
 from superset.daos.database import DatabaseDAO
 from superset.daos.exceptions import DAOCreateFailedError
+from superset.databases.ssh_tunnel.models import SSHTunnel
 from superset.exceptions import SupersetErrorsException
 from superset.extensions import db, event_logger, security_manager
 from superset.models.core import Database
@@ -82,7 +83,7 @@ def run(self) -> Model:
             "{}",
         )
 
-        ssh_tunnel = None
+        ssh_tunnel: Optional[SSHTunnel] = None
 
         try:
             database = self._create_database()
@@ -115,19 +116,11 @@ def run(self) -> Model:
                 catalogs = [None]
 
             for catalog in catalogs:
-                for schema in database.get_all_schema_names(
-                    catalog=catalog,
-                    cache=False,
-                    ssh_tunnel=ssh_tunnel,
-                ):
-                    security_manager.add_permission_view_menu(
-                        "schema_access",
-                        security_manager.get_schema_perm(
-                            database.database_name,
-                            catalog,
-                            schema,
-                        ),
-                    )
+                try:
+                    self.add_schema_permissions(database, catalog, ssh_tunnel)
+                except Exception:  # pylint: disable=broad-except
+                    logger.warning("Error processing catalog '%s'", catalog)
+                    continue
 
         except (
             SSHTunnelInvalidError,
@@ -159,6 +152,26 @@ def run(self) -> Model:
 
         return database
 
+    def add_schema_permissions(
+        self,
+        database: Database,
+        catalog: str,
+        ssh_tunnel: Optional[SSHTunnel],
+    ) -> None:
+        for schema in database.get_all_schema_names(
+            catalog=catalog,
+            cache=False,
+            ssh_tunnel=ssh_tunnel,
+        ):
+            security_manager.add_permission_view_menu(
+                "schema_access",
+                security_manager.get_schema_perm(
+                    database.database_name,
+                    catalog,
+                    schema,
+                ),
+            )
+
     def validate(self) -> None:
         exceptions: list[ValidationError] = []
         sqlalchemy_uri: Optional[str] = self._properties.get("sqlalchemy_uri")