Skip to content
Snippets Groups Projects
Select Git revision
  • skip-some-uberjar-builds
  • adm-516-app-partially-crashes-during-navigation
  • master default protected
  • pr_env_paginated
  • fix-charts-glitches-in-safari
  • adm-512-fe-show-synced-folder-in-disconnect-modal
  • adm-476-sheets-only-admin-who-started-the-sync-should-see-the-sync
  • dri-117-bring-starburst-in-house
  • cast-date-integration
  • release-x.53.x
  • backport-52-aebf3c8a2d5e11a4c50068e7fdd6b5779b73b602
  • backport-53-aebf3c8a2d5e11a4c50068e7fdd6b5779b73b602
  • disable-column-reordering-on-raw-query-views
  • adm-460-press-escape-to-close-entity-picker
  • segmented-control-colors
  • adm-470-refactor-prep
  • adm-546-ui-for-syncing-sheets-or-folders
  • nm-field-refs-for-tile-queries
  • release-x.52.x
  • backport-53-29a52abdfaf7c9341d4f0a657c192b92447d00a5
  • v0.53.7.5
  • v0.53.7.x
  • v0.53.x
  • embedding-sdk-52-stable
  • embedding-sdk-0.52.17
  • embedding-sdk-53-stable
  • embedding-sdk-0.53.12
  • v0.52.16.3
  • v0.52.16.x
  • v0.52.x
  • v0.53.7.4
  • v0.53.7.3
  • v0.53.7.2
  • v0.53.7.1
  • v0.52.16.1
  • v0.52.16.2
  • v0.52.16
  • latest-ee
  • latest-oss
  • v0.53.7
40 results
Compare
user avatar
Allow actions to run on H2 and sample database (#28212)
Cal Herries authored 
* Decouple checking ddl from classifying h2 stmts

- should enable followup for easily blocking more kinds of queries
- check all statements to make sure they aren't "ddl".

* fix classify-query

* linter fixes + get-field refactor

* return the CommandInterface values as ints

Reach into the CommandList when needed

* docstring wording

* catch invalid queries -- they can't be classified

* Remove action subtypes from inlined-models

* Add ddl check for `execute-write-query!`

* Remove ACCESS_MODE_DATA

* Check queries are single select statements

* Add test for sample database privileges

* Fix single-select check

* Add single-select test

* Rename and add more tests for checking read only commands

* commands -> statements

* Fix check-disallow-ddl-commands

* new line

* Add more read-only statements to the tests

* Update error text

* Use are

* Add integration test for executing actions with disallowed commands

* Add test before inserting row

* Run GRANT ALL ON SCHEMA "PUBLIC" TO GUEST

* Restore classify-query

* whitespace

---------

Co-authored-by: default avatarBryan Maass <bryan.maass@gmail.com>
6ad641d8
History
user avatar 6ad641d8
History
Name Last commit Last update
.babel_cache
.circleci
.clj-kondo
.devcontainer
.github
.husky
.lsp
.storybook
.vscode
bin
dev
docs
enterprise
frontend
hooks
locales
modules/drivers
resources
shared
snowplow
src/metabase
test/metabase
test_config
test_modules/drivers
test_resources
.dir-locals.el
.dockerignore
.editorconfig
.eslintignore
.eslintrc
.gitignore
.mlc_config.json
.percy.yml
.prettierignore
.prettierrc
.yarnrc
Dockerfile
LICENSE-AGPL.txt
LICENSE-EMBEDDING.txt
LICENSE-MCL.txt
LICENSE.txt
README.md
SECURITY.md
babel.config.json
build.clj
codecov.yml
deps.edn
jest.tz.unit.conf.json
jest.unit.conf.json
jsconfig.json
package.json
postcss.config.js
shadow-cljs.edn
tsconfig.json
webpack.config.js
webpack.shared.config.js
webpack.static-viz.config.js
yarn.lock
zen.md
README.md

Metabase

Metabase is the easy, open-source way for everyone in your company to ask questions and learn from data.

Metabase Product Screenshot

Latest Release Circle CI codecov Docker Pulls

Features

Take a tour of Metabase.

Supported databases

Installation

Metabase can be run just about anywhere. Check out our Installation Guides.

Contributing

To get started with a development installation of the Metabase, check out our Developers Guide.

Internationalization

We want Metabase to be available in as many languages as possible. See which translations are available and help contribute to internationalization using our project over at POEditor. You can also check out our policies on translations.

Extending Metabase

Hit our Query API from Javascript to integrate analytics. Metabase enables your application to:

  • Build moderation interfaces.
  • Export subsets of your users to third party marketing automation software.
  • Provide a custom customer lookup application for the people in your company.

Check out our guide, Working with the Metabase API.

Security Disclosure

See SECURITY.md for details.

License

This repository contains the source code for both the Open Source edition of Metabase, released under the AGPL, as well as the commercial editions of Metabase, which are released under the Metabase Commercial Software License.

See LICENSE.txt for details.

Unless otherwise noted, all files © 2023 Metabase, Inc.

Metabase Experts

If you’d like more technical resources to set up your data stack with Metabase, connect with a Metabase Expert.