[bug] cc.write(overwrite=True) affecting permissions
See original GitHub issueFor carto version <=0.6.2
I am seeing the following strange behaviour.
If I overwrite a dataset using cc.write(df,"dataset",overwrite=True)
then any share permissions on the updated dataset
stop working.
You can test it as follows:
# pipenv install "cartoframes<=0.6.2" jupyter --skip-lock
import cartoframes
from cartoframes import Credentials
import pandas as pd
import requests
# ---Setup two users one is the dataset owner the second has the dataset shared with it---
privateuser="privateuser"
private_url="https://privateuser.carto.com"
private_api_key="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
publicuser="publicuser"
public_url="https://publicuser.carto.com"
public_api_key="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
cc = cartoframes.CartoContext(base_url=private_url, api_key=private_api_key)
private_dataset = "private_table"
df = cc.read(private_dataset)
updated_df = df
updated_df.value = round(df.value*1000)
# Write and fetch
url = f'{public_url}/api/v2/sql?q=SELECT * FROM "{privateuser}".{private_dataset} LIMIT 10&api_key={public_api_key}'
# Before the write the URL works fine
r = requests.get(url)
r.status_code == 200
cc.write(updated_df, private_dataset, overwrite = True)
# After the write the URL returns 401 permission denied
r = requests.get(url)
r.status_code == 401
r.content
# b'{"error":["permission denied for relation private_table"]}'
In the rails app the ACL/Permissions record for the dataset hasn’t changed. So I don’t understand why it would reset the permission when querying via the sql api?
Issue Analytics
- State:
- Created 5 years ago
- Comments:26 (24 by maintainers)
Top Results From Across the Web
Permission Overwrite not changing the discord channel ...
But when I do this it doesn't work. Not error at all. Exact Place of Code: if str(ticket_closure_reaction.emoji) == "✓" ...
Read more >sFTP users permissions to overwrite/edit over root owned files
I have a script which creates folders and files under /var/www , so permissions are automatically set to root:root , so to enable...
Read more >emacs can't overwrite user's own write protection on file
To change the permissions of a file, use one of the following: Command chmod; Dired, with M (command dired-do-chmod ). Use C-h f ......
Read more >Spark - Overwrite the output directory
Spark/PySpark by default doesn't overwrite the output directory on S3, HDFS, or any other file systems, when you try to write the DataFrame ......
Read more >[RESOLVED] Permission to edit pages only if user ... - MediaWiki
Hello All, I am new to MediaWiki, I wanted to know is there a way to allow user to edit a specific page...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Ok, it’s confirmed: if you create an api key for a dataset, then do a cartoframes write operation with overwrite, then that invalidates the api key/table combo.
This is a feature of the Auth API that I wasn’t aware of until now. To prevent this from happening in cartoframes would require a non-trivial refactoring of the code as well. We’re going to put our heads together and figure out a solution and ping back here because the behavior you are expecting is what should be in place.
cc @inigomedina
I like the idea. We could even move deeper doing
truncate
the default one and making the DROP + CREATE the “special” case (only for cases when the data structure has changed (user will be responsible of choosen the right option))