abderbejaoui opened a new pull request, #38490:
URL: https://github.com/apache/superset/pull/38490
### SUMMARY
Negative values for `schema_cache_timeout` and `table_cache_timeout` in the
database connection advanced settings (Performance section) were accepted by
both the UI and backend. This could cause runtime errors in Redis and caching
backends, as reported in #35068.
This PR adds validation at multiple layers to reject negative values:
**Frontend:**
- Added `onExtraInputChangeNonNegative` handler in `ExtraOptions.tsx` that
silently drops negative input values
- Added `min={0}` HTML attribute on both cache timeout inputs to prevent
spinner arrows from going below zero
- Added `Math.max(0, ...)` clamping in the state reducer (`index.tsx`) as a
safety net
- Changed `||` to `??` for input value display so `0` renders correctly
instead of showing as empty
**Backend:**
- Added validation in `extra_validator()` (`schemas.py`) that rejects
negative `schema_cache_timeout` and `table_cache_timeout` with a clear error
message
- Added `Range(min=0)` constraint on `metadata_cache_timeout` dict values in
`ImportV1DatabaseExtraSchema`
Fixes #35068
### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
**Before:** User can type negative values like `-4` into Schema cache
timeout and Table cache timeout fields, and the backend silently accepts them.
**After:** Negative values are blocked in the UI (input is ignored), and the
backend returns a validation error: _"The schema_cache_timeout in
metadata_cache_timeout must be a non-negative integer."_
### TESTING INSTRUCTIONS
1. Start Superset and navigate to **Settings → Database Connections**
2. Click **Edit** on any database → expand **Advanced → Performance**
3. Try typing `-4` in "Schema cache timeout" — the input should be ignored
4. Try typing `0` — should be accepted (cache never expires)
5. Try typing `600` — should be accepted normally
6. Verify via API:
```bash
# Should return validation error
curl -X POST /api/v1/database/ -d
'{"database_name":"test","sqlalchemy_uri":"...","extra":"{\"metadata_cache_timeout\":{\"schema_cache_timeout\":-1}}"}'
```
7. Run backend tests: `pytest tests/unit_tests/databases/schema_tests.py -v
-k cache_timeout`
8. Run frontend tests: `npx jest --testPathPatterns='ExtraOptions.test'
--no-coverage`
### ADDITIONAL INFORMATION
- [x] Has associated issue: Fixes #35068
- [ ] Required feature flags:
- [x] Changes UI
- [ ] Includes DB Migration
- [ ] Introduces new feature or API
- [ ] Removes existing feature or API
Made with [Cursor](https://cursor.com)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
