refactor: Cleanup user get_id/get_user_id

[john-bodley]

SUMMARY

This is the first PR in a slew of many to cleanup/standardize the user ID/username logic. Specifically it:

1. Replaces the Flask-AppBuilder User.get_id and Flask-Login UserMixin.get_id calls which returns Optional[str] with a get_user_id convenience method which returns Optional[int]. I'm not sure how problematic this was given I doubt authors know of this nuance and thus many Python == checks would have failed, i.e., 1 == "1" evaluates to False, however the database filters may have been more lenient, i.e., in MySQL SELECT 1 = '1' evaluates to true.
2. Fixes get_owner which returned the ID of the current user and not the referenced user.
3. Additional cleanup.

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

TESTING INSTRUCTIONS

CI.

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags:
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

[john-bodley]

Avoiding passing around the global user. More on this in a later PR.

[john-bodley]

The get_user_id method is a classmethod and thus doesn't return the ID associated with the user object but rather the g.user.id. In this case they're the same but it's very misleading.

[john-bodley]

See above. This is wrong, user.get_user_id does not return user.id—for non-anonymous users—but rather g.user.id. The reason this isn't an issue is that user is always g.user. I'm working on another PR which will replace get_owner with get_user_id.

[john-bodley]

Same logic but ensuring we use the same get_user_id method.

[john-bodley]

Mixed types, though likely benign from the database's perspective—at least for MySQL.

[john-bodley]

Mixed types, though likely benign from the database's perspective—at least for MySQL.

[john-bodley]

I'm not sure what the ramifications of assigning user_id to a str was.

[john-bodley]

Mixed types, though likely benign from the database's perspective—at least for MySQL.

[john-bodley]

Mixed types, though likely benign from the database's perspective—at least for MySQL.

[john-bodley]

Mixed types, though likely benign from the database's perspective—at least for MySQL.

[codecov]

Codecov Report

Merging #20492 (fbd0f62) into master (b33c23e) will decrease coverage by 11.76%.
The diff coverage is 63.79%.

❗ Current head fbd0f62 differs from pull request most recent head 409b7d6. Consider uploading reports for the commit 409b7d6 to get more accurate results

@@             Coverage Diff             @@
##           master   #20492       +/-   ##
===========================================
- Coverage   66.75%   54.98%   -11.77%     
===========================================
  Files        1740     1745        +5     
  Lines       65156    65394      +238     
  Branches     6900     6900               
===========================================
- Hits        43492    35960     -7532     
- Misses      19915    27685     +7770     
  Partials     1749     1749               

Flag	Coverage Δ
hive	53.76% <63.79%> (+0.04%)	⬆️
mysql	?
postgres	?
presto	53.62% <63.79%> (+0.04%)	⬆️
python	58.39% <63.79%> (-24.46%)	⬇️
sqlite	?
unit	50.65% <51.72%> (+0.10%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
superset/charts/api.py	50.37% <0.00%> (-35.61%)	⬇️
superset/dashboards/api.py	51.45% <0.00%> (-41.28%)	⬇️
superset/key_value/utils.py	86.48% <0.00%> (-8.11%)	⬇️
superset/views/base_schemas.py	0.00% <0.00%> (ø)
superset/views/sql_lab.py	56.57% <14.28%> (-3.69%)	⬇️
superset/jinja_context.py	84.58% <25.00%> (-6.57%)	⬇️
superset/security/manager.py	62.33% <50.00%> (-33.02%)	⬇️
superset/views/core.py	34.79% <55.55%> (-42.57%)	⬇️
superset/charts/dao.py	48.88% <100.00%> (-39.75%)	⬇️
superset/charts/data/api.py	89.80% <100.00%> (ø)
... and 299 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b33c23e...409b7d6. Read the comment docs.

[ktmud]

Will we ever need to get a list of favorited charts for other users?

[john-bodley]

@ktmud no. Also this logic is going to refactored in another PR. In general Superset does not handle users other than the current logged in user. There have been recent mechanisms added to override the user globally if needed.