codeant-ai-for-open-source[bot] commented on code in PR #36071:
URL: https://github.com/apache/superset/pull/36071#discussion_r2882573343
##########
superset/dashboards/schemas.py:
##########
@@ -243,6 +244,7 @@ class DashboardGetResponseSchema(Schema):
created_on_humanized = fields.String(data_key="created_on_delta_humanized")
is_managed_externally = fields.Boolean(allow_none=True, dump_default=False)
uuid = fields.UUID(allow_none=True)
+ description = fields.String(allow_none=True)
# pylint: disable=unused-argument
@post_dump()
Review Comment:
**Suggestion:** When the schema is instantiated with an `only` parameter (as
done in the dashboard GET API), some fields like `owners`, `changed_by_name`,
or `changed_by` may not be present in the serialized dict; for guest users this
unconditional `del` will raise a KeyError and cause a 500 error instead of
returning a valid response, so the code should remove these keys defensively
(e.g., using `pop(..., None)`). [logic error]
<details>
<summary><b>Severity Level:</b> Major ⚠️</summary>
```mdx
- ❌ Guest responses using restricted fields crash with KeyError.
- ⚠️ Breaks any future callers using Schema.only/exclude.
```
</details>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
