[AIRFLOW-1846][AIRFLOW-1697] Hide Ad Hoc Query behind secure_mode config

Closes #2895 from bitsofdave/AIRFLOW-1846
2017-12-22 13:52:34 +01:00 · 2017-12-22 13:52:34 +01:00 · 657c5228ba
--- a/airflow/config_templates/default_airflow.cfg
+++ b/airflow/config_templates/default_airflow.cfg
@ -128,8 +128,8 @@ default_impersonation =
 # What security module to use (for example kerberos):
 security =

-# If set to False enables some unsecure features like Charts. In 2.0 will
-# default to True.
+# If set to False enables some unsecure features like Charts and Ad Hoc Queries.
+# In 2.0 will default to True.
 secure_mode = False

 # Turn unit test mode on (overwrites many configuration options with test
--- a/airflow/config_templates/default_test.cfg
+++ b/airflow/config_templates/default_test.cfg
@ -39,6 +39,7 @@ fernet_key = {FERNET_KEY}
 non_pooled_task_slot_count = 128
 enable_xcom_pickling = False
 killed_task_cleanup_time = 5
+secure_mode = False

 [cli]
 api_client = airflow.api.client.local_client
--- a/airflow/www/app.py
+++ b/airflow/www/app.py
@ -69,9 +69,8 @@ def create_app(config=None, testing=False):
        vs = views
        av(vs.Airflow(name='DAGs', category='DAGs'))

-        av(vs.QueryView(name='Ad Hoc Query', category="Data Profiling"))
-
        if not conf.getboolean('core', 'secure_mode'):
+            av(vs.QueryView(name='Ad Hoc Query', category="Data Profiling"))
            av(vs.ChartModelView(
                models.Chart, Session, name="Charts", category="Data Profiling"))
        av(vs.KnownEventView(
--- a/tests/core.py
+++ b/tests/core.py
@ -1857,6 +1857,27 @@ class WebUiTests(unittest.TestCase):
        session.close()


+class SecureModeWebUiTests(unittest.TestCase):
+    def setUp(self):
+        configuration.load_test_config()
+        configuration.conf.set("webserver", "authenticate", "False")
+        configuration.conf.set("core", "secure_mode", "True")
+        app = application.create_app()
+        app.config['TESTING'] = True
+        self.app = app.test_client()
+
+    def test_query(self):
+        response = self.app.get('/admin/queryview/')
+        self.assertEqual(response.status_code, 404)
+
+    def test_charts(self):
+        response = self.app.get('/admin/chart/')
+        self.assertEqual(response.status_code, 404)
+
+    def tearDown(self):
+        configuration.remove_option("core", "SECURE_MODE")
+
+
 class WebPasswordAuthTest(unittest.TestCase):
    def setUp(self):
        configuration.conf.set("webserver", "authenticate", "True")