This is an automated email from the ASF dual-hosted git repository. aminghadersohi pushed a commit to branch work-pr-39604 in repository https://gitbox.apache.org/repos/asf/superset.git
commit 025ab1a5fef97e0e5f1705522a6e181cfa2de8c3 Author: Amin Ghadersohi <[email protected]> AuthorDate: Sat May 16 23:27:54 2026 +0000 fix(mcp): update security_manager patch target in tool-search tests _tool_allowed_for_current_user now delegates to check_tool_permission (auth.py) which uses the module-level security_manager binding. patch('superset.security_manager') no longer intercepts those calls; update the 4 affected tests to patch the correct location: 'superset.mcp_service.auth.security_manager'. Co-Authored-By: Claude Sonnet 4.6 <[email protected]> --- tests/unit_tests/mcp_service/test_tool_search_transform.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/tests/unit_tests/mcp_service/test_tool_search_transform.py b/tests/unit_tests/mcp_service/test_tool_search_transform.py index b8f301c9692..5042af23e3e 100644 --- a/tests/unit_tests/mcp_service/test_tool_search_transform.py +++ b/tests/unit_tests/mcp_service/test_tool_search_transform.py @@ -869,7 +869,7 @@ def test_tool_search_permission_filter_hides_disallowed_tools(): with app.app_context(): g.user = SimpleNamespace(username="viewer") with patch( - "superset.security_manager", new_callable=MagicMock + "superset.mcp_service.auth.security_manager", new_callable=MagicMock ) as security_manager: security_manager.can_access.side_effect = [True, False] @@ -970,7 +970,9 @@ def test_tool_search_permission_filter_still_applies_rbac_to_metadata_tools() -> "superset.mcp_service.privacy.user_can_view_data_model_metadata", return_value=True, ), - patch("superset.security_manager", new_callable=Mock) as security_manager, + patch( + "superset.mcp_service.auth.security_manager", new_callable=Mock + ) as security_manager, ): security_manager.can_access.return_value = False result = _filter_tools_by_current_user_permission([metadata, public]) @@ -997,7 +999,9 @@ def test_tool_search_permission_filter_resolves_user_from_request() -> None: "superset.mcp_service.auth.get_user_from_request", return_value=SimpleNamespace(username="viewer"), ), - patch("superset.security_manager", new_callable=Mock) as security_manager, + patch( + "superset.mcp_service.auth.security_manager", new_callable=Mock + ) as security_manager, ): security_manager.can_access.return_value = True result = _filter_tools_by_current_user_permission([protected]) @@ -1023,7 +1027,9 @@ def test_tool_search_permission_filter_keeps_get_schema_visible_without_metadata "superset.mcp_service.privacy.user_can_view_data_model_metadata", return_value=False, ), - patch("superset.security_manager", new_callable=Mock) as security_manager, + patch( + "superset.mcp_service.auth.security_manager", new_callable=Mock + ) as security_manager, ): security_manager.can_access.return_value = True result = _filter_tools_by_current_user_permission([schema_tool])
