From 0d876432b3a5179f410961a27de2fc7e58631838 Mon Sep 17 00:00:00 2001
From: Vitor Avila <vitor.avila@preset.io>
Date: Fri, 7 Feb 2025 19:08:12 -0300
Subject: [PATCH] Changing order

---
 superset/commands/database/resync_permissions.py | 11 ++++-------
 superset/tasks/permissions.py                    | 11 +++++++----
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/superset/commands/database/resync_permissions.py b/superset/commands/database/resync_permissions.py
index f72920518c65e..0f0b44f55a50a 100644
--- a/superset/commands/database/resync_permissions.py
+++ b/superset/commands/database/resync_permissions.py
@@ -54,13 +54,10 @@ def validate(self) -> None:
         if not self._model:
             raise DatabaseNotFoundError()
 
-        # If OAuth2 connection, we need to impersonate
-        # the current user to trigger the resync
-        if self._model.is_oauth2_enabled():
-            if not self._username:
-                raise UserNotFoundError()
-            if not security_manager.get_user_by_username(self._username):
-                raise UserNotFoundError()
+        if not self._username or not security_manager.get_user_by_username(
+            self._username
+        ):
+            raise UserNotFoundError()
 
         # Make sure the connection works before delegating the task
         def ping(engine: Engine) -> bool:
diff --git a/superset/tasks/permissions.py b/superset/tasks/permissions.py
index 902cd11a59ef6..4aef3bd457c2c 100644
--- a/superset/tasks/permissions.py
+++ b/superset/tasks/permissions.py
@@ -29,16 +29,19 @@
 
 
 @celery_app.task(name="resync_database_permissions", soft_time_limit=600)
-def resync_database_permissions(database_id: int, username: str | None) -> None:
+def resync_database_permissions(database_id: int, username: str) -> None:
     logger.info("Resyncing permissions for DB connection ID %s", database_id)
+    if user := security_manager.get_user_by_username(username):
+        g.user = user
+        logger.info("Impersonating user ID %s", g.user.id)
+    else:
+        logger.error("No user to impersonate/validate permissions")
+        return
     database = DatabaseDAO.find_by_id(database_id)
     ssh_tunnel = DatabaseDAO.get_ssh_tunnel(database_id)
     if not database:
         logger.error("Database ID %s not found", database_id)
         return
-    if username and (user := security_manager.get_user_by_username(username)):
-        g.user = user
-        logger.info("Impersonating user ID %s", g.user.id)
     cmmd = UpdateDatabaseCommand(database_id, {})
     try:
         cmmd._refresh_catalogs(database, database.name, ssh_tunnel)