codeant-ai-for-open-source[bot] commented on PR #38648:
URL: https://github.com/apache/superset/pull/38648#issuecomment-4104360449
## **Sequence Diagram**
This PR adds a mandatory database authorization step to query cost
estimation. The command now checks database access after loading the target
database and blocks unauthorized requests before any estimate data is returned.
```mermaid
sequenceDiagram
participant Client
participant QueryEstimationCommand
participant Database
participant SecurityManager
Client->>QueryEstimationCommand: Submit estimate request with database id
QueryEstimationCommand->>Database: Load database
alt Database not found
QueryEstimationCommand-->>Client: Not found error
else Database found
QueryEstimationCommand->>SecurityManager: Check database access
alt Access denied
QueryEstimationCommand-->>Client: Forbidden error
else Access granted
QueryEstimationCommand->>Database: Run explain for cost estimate
QueryEstimationCommand-->>Client: Return query cost estimate
end
end
```
---
*Generated by [CodeAnt AI](https://codeant.ai)*
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
