open-metadata · pmbrull · Oct 23, 2024 · Oct 24, 2024 · Oct 24, 2024 · Dec 20, 2024
@@ -20,6 +20,8 @@
     CreateGlossaryTermRequest,
 )
 from metadata.generated.schema.api.teams.createUser import CreateUserRequest
+from metadata.generated.schema.entity.data.database import Database
+from metadata.generated.schema.entity.data.databaseSchema import DatabaseSchema
 from metadata.generated.schema.entity.data.glossary import Glossary
 from metadata.generated.schema.entity.data.glossaryTerm import GlossaryTerm
 from metadata.generated.schema.entity.services.connections.database.common.basicAuth import (
@@ -30,12 +32,14 @@
 )
 from metadata.generated.schema.entity.services.databaseService import DatabaseService
 from metadata.generated.schema.entity.teams.user import User
+from metadata.ingestion.source.metadata.alationsink.models import Table
 from metadata.workflow.metadata import MetadataWorkflow
 
 from ..containers import MySqlContainerConfigs, get_mysql_container
 from ..integration_base import (
     METADATA_INGESTION_CONFIG_TEMPLATE,
     generate_name,
+    get_create_entity,
     get_create_service,
 )
 
@@ -66,6 +70,26 @@ def service(metadata):
     )
 
 
+@pytest.fixture
+def tables(service, metadata):
+    database: Database = metadata.create_or_update(
+        data=get_create_entity(entity=Database, reference=service.name.root)
+    )
+    db_schema: DatabaseSchema = metadata.create_or_update(
+        data=get_create_entity(
+            entity=DatabaseSchema, reference=database.fullyQualifiedName
+        )
+    )
+    tables = [
+        metadata.create_or_update(
+            data=get_create_entity(entity=Table, reference=db_schema.fullyQualifiedName)
+        )
+        for _ in range(10)
+    ]
+
+    return tables
+
+
 @pytest.fixture(scope="module")
 def workflow(metadata, service, mysql_container):
     service_name = service.name.root

@@ -0,0 +1,71 @@
+#  Copyright 2021 Collate
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#  http://www.apache.org/licenses/LICENSE-2.0
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+"""
+OMeta Bot RBAC tests
+"""
+from _openmetadata_testutils.ometa import int_admin_ometa
+from metadata.generated.schema.configuration.searchSettings import SearchSettings
+from metadata.generated.schema.entity.data.table import Table
+from metadata.generated.schema.entity.teams.user import AuthenticationMechanism, User
+from metadata.generated.schema.settings.settings import Settings, SettingType
+from metadata.ingestion.ometa.ometa_api import OpenMetadata
+from tests.integration.ometa.conftest import service
+
+BOTS = ["ingestion-bot", "profiler-bot"]
+
+
+def get_bot_ometa(metadata, bot: str) -> OpenMetadata:
+    """Get the bot ometa"""
+    automator_bot: User = metadata.get_by_name(entity=User, fqn=bot)
+    automator_bot_auth: AuthenticationMechanism = metadata.get_by_id(
+        entity=AuthenticationMechanism, entity_id=automator_bot.id
+    )
+
+    return int_admin_ometa(jwt=automator_bot_auth.config.JWTToken.get_secret_value())
+
+
+def test_bots_rbac_pagination(metadata, service, tables):
+    """Bots can paginate properly"""
+    query_filter = (
+        '{"query":{"bool":{"must":[{"bool":{"should":[{"term":'
+        f'{{"service.displayName.keyword":"{service.name.root}"}}}}]}}}}]}}}}}}'
+    )
+
+    settings = Settings(
+        config_type=SettingType.searchSettings,
+        config_value=SearchSettings(enableAccessControl=True),
+    )
+    # Ensure search is enabled
+    metadata.client.put("/system/settings", data=settings.model_dump_json())
+
+    for bot in BOTS:
+        bot_ometa = get_bot_ometa(metadata, bot)
+        # First, check the bot can indeed see that data
+        for table in tables:
+            allowed_table = bot_ometa.get_by_name(
+                entity=Table, fqn=table.fullyQualifiedName
+            )
+            assert allowed_table
+            assert (
+                allowed_table.fullyQualifiedName.root == table.fullyQualifiedName.root
+            )
+
+        # Then, make sure that the admin can search those tables
+        admin_assets = list(
+            metadata.paginate_es(entity=Table, query_filter=query_filter, size=2)
+        )
+        assert len(admin_assets) == 10
+
+        # Finally, the bot should also be able to paginate these assets
+        assets = list(
+            bot_ometa.paginate_es(entity=Table, query_filter=query_filter, size=2)
+        )
+        assert len(assets) == 10, f"Pagination validation for bot [{bot}]"
@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * Create Request for adding a tag to assets
  */
 export interface AddTagToAssetsRequest {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * Create Query Request
  */
 export interface CreateQuery {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * Create a SearchIndex entity request
  */
 export interface CreateSearchIndex {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * Create Stored Procedure Request
  */
 export interface CreateStoredProcedure {
@@ -205,6 +203,7 @@ export enum Language {
  * This schema defines the type of the type of Procedures
  */
 export enum StoredProcedureType {
+    StoredPackage = "StoredPackage",
     StoredProcedure = "StoredProcedure",
     Udf = "UDF",
 }

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * Create Workflow Instance State Request
  */
 export interface CreateWorkflowInstanceState {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * This schema defines the Asset Certification Settings.
  */
 export interface AssetCertificationSettings {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * This schema defines the Limits Configuration.
  */
 export interface LimitsConfiguration {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * This schema defines the Lineage Settings.
  */
 export interface LineageSettings {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * This schema defines the Rbac Search Configuration.
  */
 export interface SearchSettings {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * This schema defines the Slack App Information
  */
 export interface SlackAppConfiguration {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * Data Insight Custom Chart Result
  */
 export interface DataInsightCustomChartResult {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * Line Chart
  */
 export interface LineChart {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * Summary Card
  */
 export interface SummaryCard {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * This schema defines the applications for Open-Metadata.
  */
 export interface App {
@@ -283,8 +281,12 @@ export interface CollateAIAppConfig {
  *
  * Remove Owner Action Type
  *
+ * Add a Custom Property to the selected assets.
+ *
  * Add owners to the selected assets.
  *
+ * Remove Custom Properties Action Type
+ *
  * Propagate description, tags and glossary terms via lineage
  *
  * ML Tagging action configuration for external automator.
@@ -314,6 +316,9 @@ export interface Action {
      * Update the description even if they are already defined in the asset. By default, we'll
      * only add the descriptions to assets without the description set.
      *
+     * Update the Custom Property even if it is defined in the asset. By default, we will only
+     * apply the owners to assets without the given Custom Property informed.
+     *
      * Update the tier even if it is defined in the asset. By default, we will only apply the
      * tier to assets without tier.
      *
@@ -343,6 +348,12 @@ export interface Action {
      * Description to apply
      */
     description?: string;
+    /**
+     * Owners to apply
+     *
+     * Custom Properties keys to remove
+     */
+    customProperties?: any;
     /**
      * tier to apply
      */
@@ -546,6 +557,8 @@ export interface Style {
  *
  * Add Description Action Type.
  *
+ * Add Custom Properties Action Type.
+ *
  * Remove Description Action Type
  *
  * Add Tier Action Type.
@@ -554,18 +567,22 @@ export interface Style {
  *
  * Remove Owner Action Type
  *
+ * Remove Custom Properties Action Type.
+ *
  * Lineage propagation action type.
  *
  * ML PII Tagging action type.
  */
 export enum ActionType {
+    AddCustomPropertiesAction = "AddCustomPropertiesAction",
     AddDescriptionAction = "AddDescriptionAction",
     AddDomainAction = "AddDomainAction",
     AddOwnerAction = "AddOwnerAction",
     AddTagsAction = "AddTagsAction",
     AddTierAction = "AddTierAction",
     LineagePropagationAction = "LineagePropagationAction",
     MLTaggingAction = "MLTaggingAction",
+    RemoveCustomPropertiesAction = "RemoveCustomPropertiesAction",
     RemoveDescriptionAction = "RemoveDescriptionAction",
     RemoveDomainAction = "RemoveDomainAction",
     RemoveOwnerAction = "RemoveOwnerAction",

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * Propagate description, tags and glossary terms via lineage
  */
 export interface LineagePropagationAction {

@@ -111,7 +111,7 @@ export interface Action {
     /**
      * Owners to apply
      *
-     * Custom Properties to remove
+     * Custom Properties keys to remove
      */
     customProperties?: any;
     /**

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * Configuration for the CollateAI External Application.
  */
 export interface CollateAIAppConfig {

@@ -10,9 +10,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
-
- /**
+/**
  * This schema defines the Slack App Token Configuration
  */
 export interface SlackAppTokenConfiguration {