Add migration to remove native read permissions entries

resources/migrations/000_migrations.yaml

@@ -4172,3 +4172,12 @@ databaseChangeLog:
               remarks: 'When was this User last updated?'
         - sql:
             sql: update core_user set updated_at=date_joined
+# In 0.30.0 we finally removed the long-deprecated native read permissions. Since they're no longer considered valid by
+# our permissions code, remove any entries for them so they don't cause problems.
+  - changeSet:
+      id: 86
+      author: camsaul
+      comment: 'Added 0.30.0'
+      changes:
+        - sql:
+            sql: DELETE FROM permissions WHERE object LIKE '%/native/read/'

src/metabase/api/common/internal.clj

@@ -4,6 +4,7 @@
   (:require [clojure.string :as str]
             [clojure.tools.logging :as log]
             [medley.core :as m]
+            [metabase.config :as config]
             [metabase.util :as u]
             [metabase.util.schema :as su]
             [puppetlabs.i18n.core :refer [trs tru]]
@@ -51,8 +52,12 @@
   (if-not schema
     ""
     (or (su/api-error-message schema)
-        (log/warn (str (trs "We don't have a nice error message for schema: {0}." schema)
-                       (trs "Consider wrapping it in `su/with-api-error-message`."))))))
+        ;; Don't try to i18n this stuff! It's developer-facing only.
+        (when config/is-dev?
+          (log/warn
+           (u/format-color 'red (str "We don't have a nice error message for schema: %s\n"
+                                     "Consider wrapping it in `su/with-api-error-message`.")
+             schema))))))
 
 (defn- param-name
   "Return the appropriate name for this PARAM-SYMB based on its SCHEMA. Usually this is just the name of the

src/metabase/db/migrations.clj

@@ -76,20 +76,6 @@
 ;;; |                                                   MIGRATIONS                                                   |
 ;;; +----------------------------------------------------------------------------------------------------------------+
 
-;; Upgrade for the `Card` model when `:database_id`, `:table_id`, and `:query_type` were added and needed populating.
-;;
-;; This reads through all saved cards, extracts the JSON from the `:dataset_query`, and tries to populate
-;; the values for `:database_id`, `:table_id`, and `:query_type` if possible.
-(defmigration ^{:author "agilliland", :added "0.12.0"} set-card-database-and-table-ids
-  ;; only execute when `:database_id` column on all cards is `nil`
-  (when (zero? (db/count Card
-                 :database_id [:not= nil]))
-    (doseq [{id :id {:keys [type] :as dataset-query} :dataset_query} (db/select [Card :id :dataset_query])]
-      (when type
-        ;; simply resave the card with the dataset query which will automatically set the database, table, and type
-        (db/update! Card id, :dataset_query dataset-query)))))
-
-
 ;; Set the `:ssl` key in `details` to `false` for all existing MongoDB `Databases`.
 ;; UI was automatically setting `:ssl` to `true` for every database added as part of the auto-SSL detection.
 ;; Since Mongo did *not* support SSL, all existing Mongo DBs should actually have this key set to `false`.

src/metabase/models/user.clj

@@ -12,6 +12,7 @@
             [metabase.util
              [date :as du]
              [schema :as su]]
+            [puppetlabs.i18n.core :refer [tru]]
             [schema.core :as s]
             [toucan
              [db :as db]
@@ -133,7 +134,8 @@
 
 (def LoginAttributes
   "Login attributes, currently not collected for LDAP or Google Auth. Will ultimately be stored as JSON"
-  {su/KeywordOrString (s/cond-pre s/Str s/Num)})
+  {su/KeywordOrString (su/with-api-error-message (s/cond-pre s/Str s/Num)
+                        (tru "value must be a string or number."))})
 
 (def NewUser
   "Required/optionals parameters needed to create a new user (for any backend)"