bito-code-review[bot] commented on code in PR #36933:
URL: https://github.com/apache/superset/pull/36933#discussion_r2790840091
##########
superset/security/manager.py:
##########
@@ -2810,6 +2821,17 @@ def validate_guest_token_resources(resources:
GuestTokenResources) -> None:
embedded =
EmbeddedDashboardDAO.find_by_id(str(resource["id"]))
if not embedded:
raise EmbeddedDashboardNotFoundError()
+ elif resource["type"] ==
GuestTokenResourceType.CHART_PERMALINK.value:
+ # Validate that the chart permalink exists
+ permalink_key = str(resource["id"])
+ try:
+ permalink_value =
GetExplorePermalinkCommand(permalink_key).run()
+ if not permalink_value:
+ raise EmbeddedChartPermalinkNotFoundError()
+ except EmbeddedChartPermalinkNotFoundError:
+ raise
+ except (ExplorePermalinkGetFailedError, ValueError) as ex:
+ raise EmbeddedChartPermalinkNotFoundError() from ex
Review Comment:
<div>
<div id="suggestion">
<div id="issue"><b>Incomplete Exception Handling</b></div>
<div id="fix">
The exception handling catches ExplorePermalinkGetFailedError and
ValueError, but GetExplorePermalinkCommand.run() can raise other exceptions
like ChartAccessDeniedError from check_chart_access, leading to inconsistent
error types instead of always raising EmbeddedChartPermalinkNotFoundError.
</div>
</div>
<small><i>Code Review Run #1fca91</i></small>
</div>
---
Should Bito avoid suggestions like this for future reviews? (<a
href=https://alpha.bito.ai/home/ai-agents/review-rules>Manage Rules</a>)
- [ ] Yes, avoid them
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
