question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[bug] cc.write(overwrite=True) affecting permissions

See original GitHub issue

For carto version <=0.6.2 I am seeing the following strange behaviour.

If I overwrite a dataset using cc.write(df,"dataset",overwrite=True) then any share permissions on the updated dataset stop working.

You can test it as follows:

# pipenv install "cartoframes<=0.6.2" jupyter --skip-lock

import cartoframes
from cartoframes import Credentials
import pandas as pd
import requests

#  ---Setup two users one is the dataset owner the second has the dataset shared with it---
privateuser="privateuser"
private_url="https://privateuser.carto.com"
private_api_key="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

publicuser="publicuser"
public_url="https://publicuser.carto.com"
public_api_key="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

cc = cartoframes.CartoContext(base_url=private_url, api_key=private_api_key)

private_dataset = "private_table"
df = cc.read(private_dataset)

updated_df = df
updated_df.value = round(df.value*1000)

# Write and fetch
url = f'{public_url}/api/v2/sql?q=SELECT * FROM "{privateuser}".{private_dataset} LIMIT 10&api_key={public_api_key}'

# Before the write the URL works fine
r = requests.get(url) 
r.status_code == 200

cc.write(updated_df, private_dataset, overwrite = True)

# After the write the URL returns 401 permission denied
r = requests.get(url) 
r.status_code == 401
r.content
# b'{"error":["permission denied for relation private_table"]}'

In the rails app the ACL/Permissions record for the dataset hasn’t changed. So I don’t understand why it would reset the permission when querying via the sql api?

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:26 (24 by maintainers)

github_iconTop GitHub Comments

2reactions
andy-eschcommented, Feb 27, 2019

Ok, it’s confirmed: if you create an api key for a dataset, then do a cartoframes write operation with overwrite, then that invalidates the api key/table combo.

This is a feature of the Auth API that I wasn’t aware of until now. To prevent this from happening in cartoframes would require a non-trivial refactoring of the code as well. We’re going to put our heads together and figure out a solution and ping back here because the behavior you are expecting is what should be in place.

cc @inigomedina

1reaction
oleurudcommented, Nov 14, 2019

I like the idea. We could even move deeper doing truncate the default one and making the DROP + CREATE the “special” case (only for cases when the data structure has changed (user will be responsible of choosen the right option))

Read more comments on GitHub >

github_iconTop Results From Across the Web

Permission Overwrite not changing the discord channel ...
But when I do this it doesn't work. Not error at all. Exact Place of Code: if str(ticket_closure_reaction.emoji) == "✓" ...
Read more >
sFTP users permissions to overwrite/edit over root owned files
I have a script which creates folders and files under /var/www , so permissions are automatically set to root:root , so to enable...
Read more >
emacs can't overwrite user's own write protection on file
To change the permissions of a file, use one of the following: Command chmod; Dired, with M (command dired-do-chmod ). Use C-h f ......
Read more >
Spark - Overwrite the output directory
Spark/PySpark by default doesn't overwrite the output directory on S3, HDFS, or any other file systems, when you try to write the DataFrame ......
Read more >
[RESOLVED] Permission to edit pages only if user ... - MediaWiki
Hello All, I am new to MediaWiki, I wanted to know is there a way to allow user to edit a specific page...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found