Superset is an incubator project of apache, positioned as a modern, quasi-commercial BI system
superset
Apache Superset (incubating) is a modern, enterprise-ready business intelligence web application
Superset apache is an incubator project, positioned as a modern, quasi-commercial BI system.
Superset (Caravel) is a visualization platform (formerly known as Caravel, Panoramix), the tool main features are self-analysis by the open source data analysis Airbnb (well-known online house short lease company), custom dashboards, analysis results visualization (export ), user / role access control, also incorporates a SQL editor, you can edit the SQL query.
By superset, you can create beautiful charts.
Preview
superset installation
We here directly docker
git clone https://github.com/apache/incubator-superset/
cd incubator-superset/contrib/docker
# prefix with SUPERSET_LOAD_EXAMPLES=yes to load examples:
docker-compose run --rm superset ./docker-init.sh
# you can run this command everytime you need to start superset now:
docker-compose up
Once built, visit http: // localhost: 8088 to.
Want to integrate their own applications, we must first solve certification
superset Certificate of Analysis
flask-appbuilder superset based development, based on Security flask_appbuilder.security, read its code,
Find the entrance: superset/__init__.py
:
custom_sm = app.config.get('CUSTOM_SECURITY_MANAGER') or SupersetSecurityManager
if not issubclass(custom_sm, SupersetSecurityManager):
raise Exception(
"""Your CUSTOM_SECURITY_MANAGER must now extend SupersetSecurityManager,
not FAB's security manager.
See [4565] in UPDATING.md""")
appbuilder = AppBuilder(
app,
db.session,
base_template='superset/base.html',
indexview=MyIndexView,
security_manager_class=custom_sm,
update_perms=get_update_perms_flag(),
)
security_manager = appbuilder.sm
Default SupersetSecurityManager
, inherited from SecurityManager
:
class SupersetSecurityManager(SecurityManager):
def get_schema_perm(self, database, schema):
if schema:
return '[{}].[{}]'.format(database, schema)
def can_access(self, permission_name, view_name):
"""Protecting from has_access failing from missing perms/view"""
user = g.user
if user.is_anonymous:
return self.is_item_public(permission_name, view_name)
return self._has_view_access(user, permission_name, view_name)
...
We look SecurityManager and parent found, login is controlled by auth_view default is AUTH_DB, which is AuthDBView.
""" Override if you want your own Authentication LDAP view """
authdbview = AuthDBView
if self.auth_type == AUTH_DB:
self.user_view = self.userdbmodelview
self.auth_view = self.authdbview()
@property
def get_url_for_login(self):
return url_for('%s.%s' % (self.sm.auth_view.endpoint, 'login'))
Look at authdbview:
class AuthDBView(AuthView):
login_template = 'appbuilder/general/security/login_db.html'
@expose('/login/', methods=['GET', 'POST'])
def login(self):
if g.user is not None and g.user.is_authenticated:
return redirect(self.appbuilder.get_url_for_index)
form = LoginForm_db()
if form.validate_on_submit():
user = self.appbuilder.sm.auth_user_db(form.username.data, form.password.data)
if not user:
flash(as_unicode(self.invalid_login_message), 'warning')
return redirect(self.appbuilder.get_url_for_login)
login_user(user, remember=False)
return redirect(self.appbuilder.get_url_for_index)
return self.render_template(self.login_template,
title=self.title,
form=form,
appbuilder=self.appbuilder)
Provide external '/ login /' interfaces, read the HTTP POST in the user name and password, and then call auth_user_db verification, validation login_user generates authentication information by calling.
Therefore, we can customize AuthDBView, changed from our own application certification can be.
Use jwt to verify superset
Custom CustomAuthDBView, inherited from AuthDBView, jwt token can be passed through a cookie or login url parameters, and then verify passed, automatic login.
import jwt
import json
class CustomAuthDBView(AuthDBView):
login_template = 'appbuilder/general/security/login_db.html'
@expose('/login/', methods=['GET', 'POST'])
def login(self):
token = request.args.get('token')
if not token:
token = request.cookies.get('access_token')
if token is not None:
jwt_payload = jwt.decode(token,'secret',algorithms=['RS256'])
user_name = jwt_payload.get("user_name")
user = self.appbuilder.sm.find_user(username=user_name)
if not user:
role_admin = self.appbuilder.sm.find_role('Admin')
user = self.appbuilder.sm.add_user(user_name, user_name, 'aimind', user_name + "@aimind.com", role_admin, password = "aimind" + user_name)
if user:
login_user(user, remember=False)
redirect_url = request.args.get('redirect')
if not redirect_url:
redirect_url = self.appbuilder.get_url_for_index
return redirect(redirect_url)
else:
return super(CustomAuthDBView,self).login()
else:
flash('Unable to auto login', 'warning')
return super(CustomAuthDBView,self).login()
If the user does not exist, the user is automatically added by self.appbuilder.sm.add_user.
Then introduced this CustomAuthDBView,
class CustomSecurityManager(SupersetSecurityManager):
authdbview = CustomAuthDBView
Finally, the introduction of this CustomSecurityManager, increase in superset_config.py in:
from aimind_security import CustomSecurityManager
CUSTOM_SECURITY_MANAGER = CustomSecurityManager
In applications where integrated superset
Integration is simple, accessible, 'SUPER_SET_URL / login /? Token = jwt_token' can be seamlessly integrated via iframe.
Author: Jadepeng
Source: jqpeng technical notepad - http://www.cnblogs.com/xiaoqi
Your support is the greatest encouragement blogger, thank you for your read.
This article belongs to the author of all, welcome to reprint, but without the author's consent declared by this section must be retained, and given the original connection in the apparent position of the article page, otherwise the right to pursue legal responsibilities.