Auto-role creation#1630

Open

shangyian wants to merge 3285 commits intoDataJunction:mainfrom

shangyian:namespace-role

Collaborator

shangyian commented Jan 1, 2026 •

edited

Loading

Summary

This implements the first phase of the RBAC migration strategy from issue #1575. When namespaces are created, we now automatically create owner roles and assign them to the creator.

This prepares the codebase for RBAC without changing current behavior. Since default_access_policy = "permissive", existing access patterns remain unchanged - everyone can still access everything. The roles are simply "staged" in the database for when RBAC enforcement is enabled.

Test Plan

PR has an associated issue: RBAC for Nodes and Namespaces #1575
make check passes
make test shows 100% unit test coverage

Deployment Plan

shangyian and others added 30 commits

February 11, 2025 18:47


          Add additional logging for GQL endpoints

38a0dd2


          Remove some pylint skips

432689a


          Remove more pylint

4c69133


          Remove pylint directives

8c9dbc4


          Remove additional pylint directives

f373a00


          Fix tests

1816a90


          Fix coverage

d4bee92


          Fix materialization

518f8f3


          Merge pull request DataJunction#1308 from shangyian/fix-openapi-json

68fb486

Fix Pydantic model definition for valid OpenAPI schema


          Endpoints and data model for saving user notification subscriptions (D…

1d6319b

…ataJunction#1284)

* Endpoints and data model for saving user notification subscriptions

* linters on alembic version

* Update tests given new index

* ruff

* Remove renamed notification.py

* Remove pylint comment, no longer needed

* add filter to notification test

* ruff

* ruff ruff

* Fix node name in test


          run tests on main branch after merging PR (DataJunction#1310)

cf70ce0


          Add foreign key reference mapping to dimension link metadata output (D…

f206de7

…ataJunction#1313)

* Add support for exposing additional complex dim link foreign keys

* Fix linters

* Fix tests


          Python and javascript integration tests (DataJunction#1311)

944f55e


          Add/Edit Node Page UI Extension (DataJunction#1314)

fb3cc28

* Add support for extensions in the add/edit node page UI

* Fix lint

* Run linters

* Remove logging

* Add ability to configure label style


          Bumping DJ to version 0.0.1a87 (DataJunction#1312)

8da9b84

Co-authored-by: GitHub Actions Bot <>


          Added cache interface and cachelib + noop implementations (DataJuncti…

00f4e9c

…on#1209)

* Added cache interface and cachelib + noop implementations

* Tests for caching

* tweak docs a bit

* ruff


          Update java client (DataJunction#1315)

e9bb4e2

* Update java client

* Remove redundant @JsonProperty


          Various UI Bugfixes (DataJunction#1317)

ea6d490

* Fix bug with displaying primary key when creating nodes

* Fail build if UI linters fail

* Fix various warnings from UI

* Fix manifest error

* Fix warnings for same key

* Additional fixes

* Additional fixes

* Fix

* Fix snapshot

* Fix lint


          Add better metric metadata to materializations (DataJunction#1322)

abadac5

* Add better metric metadata to materializations

* Fix tests

* Add display name to cube


          Bumping DJ to version 0.0.1a88 (DataJunction#1319)

d5ea731

Co-authored-by: GitHub Actions Bot <>


          Fix YAML tagging so that all nodes actually get tagged (DataJunction#…

2598d91

…1325)


          Decompose ANY_VALUE in metric definitions into measures (DataJunction…

2ee5767

…#1326)

* Add measures handling for ANY_VALUE function

* Add test for decompose of ANY_VALUE


          Bumping DJ to version 0.0.1a89 (DataJunction#1327)

e4f36c1

Co-authored-by: GitHub Actions Bot <>


          Fix Cube() making in DJ client. (DataJunction#1329)

59c040c


          Bumping DJ to version 0.0.1a90 (DataJunction#1332)

761e588

Co-authored-by: GitHub Actions Bot <>


          Fix aggregation function check for metric definition (DataJunction#1331)

b2c4b1e


          Process every history event through notifier depnedency after saving (D…

31a9d0e

…ataJunction#1333)


          Normalize all column names to be lowercase (DataJunction#1335)

c4a424c

* Normalize all column names to be lowercase

* Fix pdm setup

* Fix normalize case

* Fix


          Bumping DJ to version 0.0.1a91 (DataJunction#1334)

7ae4f0c

Co-authored-by: GitHub Actions Bot <>


          Fix java build (DataJunction#1338)

83e52b6

shangyian and others added 14 commits

December 14, 2025 21:53


          Upgrade node version, unpin package resolutions (DataJunction#1610)

de05614

* Upgrade node version, unpin package resolutions

* Fix


          Add docs on metric decomposition (DataJunction#1614)

* Add docs on metric decomposition

* Provide a cleaner example

* Remove best practices since those don't generalize well


          Add support for approx_count_distinct decomposition (DataJunction#1612

d530bfd

)

* Refactor complex metric to simple aggregation decomposition and add support for approx_count_distinct decomposition

* Fix tests

* Add materialization docs


          Support Variance, Std Dev, Covariance, and Correlation Decomposition …

d374f8b

…into Aggregable Measures (DataJunction#1617)

* Add support for variance

* Add support for covariance decompositions

* Add docs on supported decompositions


          Fix issue where reactivating nodes also revalidates downstreams, whic…

20aae46

…h may need cube elements to be loaded if the downstreams contain cubes (DataJunction#1618)


          Bumping DJ to version 0.0.24 (DataJunction#1611)

678730f

Co-authored-by: GitHub Actions Bot <>


          Add ability to filter by nodes with dimension (DataJunction#1620)

5d898a3


          Do profiling and speed up query generation (DataJunction#1622)

e006675


          Bumping DJ to version 0.0.25 (DataJunction#1621)

Co-authored-by: GitHub Actions Bot <>


          Add foundation for derived metrics so that users can add metrics that…

399568c

… reference other metrics (DataJunction#1619)


          Fix issue when parsing expressions with decimal numbers at end of inp…

a68a308

…ut (DataJunction#1624)


          SQL Gen v3 (DataJunction#1623)

03e38a4

Add SQL generation for measures and metrics SQL (v3)


          Revamp Filters Section (DataJunction#1628)

291c721

* Add and improve filters tab

* Support filters resolution in graphql

* Fix filtering

* Clean up UI and graphql APIs

* Fix error

* Fix typing issue for pydantic v2

* Fix all tests with long/bigint distinction

* Fix types issue


          Set up authorization service (DataJunction#1579)

5dc36ae

* Set up authorization service, with an AuthContext for verifying role assignments and a separate authorize func to replace validate_access_requests

* Fix all endpoints and tests to use new setup with AccessChecker

* Refactor authorization logic into multiple modules + fix authorization tests

* Fix

netlify bot commented Jan 1, 2026 •

edited

Loading

✅ Deploy Preview for thriving-cassata-78ae72 canceled.

Name	Link
🔨 Latest commit	`8d27b7d`
🔍 Latest deploy log	https://app.netlify.com/projects/thriving-cassata-78ae72/deploys/69589fcdfa3f7100089500e5

shangyian added 4 commits

January 1, 2026 16:28


          Speed up tests (DataJunction#1629)

481bb3d

Speed up unit tests by:
- Switching to a single postgres container that is shared, with separate databases in that container for isolation
- Creating a template postgres db with all examples loaded rather than reloading them with API calls


          Namespace auto-role creation

cb51cdb


          Node auto-role creation

7c7401a


          Add script for backfilling owner roles

361cf45

shangyian force-pushed the namespace-role branch from 304f479 to 8dadf14 Compare

January 2, 2026 00:28


          Add tests

4900aef

shangyian force-pushed the namespace-role branch 2 times, most recently from 4900aef to e4c0d4b Compare

January 2, 2026 04:27


          Fix tests

d991e35

shangyian force-pushed the namespace-role branch from e4c0d4b to d991e35 Compare

January 2, 2026 06:25

shangyian added 3 commits

January 2, 2026 06:24


          Fix tests

47b8099

Fix

dd3c1e6


          Only auto-create roles for namespace creation

8d27b7d

shangyian marked this pull request as ready for review

January 3, 2026 14:49

shangyian force-pushed the main branch from 52c88f0 to 5e6a05f Compare

April 1, 2026 09:07

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet