aminghadersohi opened a new pull request, #38845:
URL: https://github.com/apache/superset/pull/38845
### SUMMARY
Fix two permission gaps in MCP tools:
1. **`generate_dashboard`**: Previously checked chart existence but did NOT
verify chart access permissions. Users could create dashboards containing
charts they shouldn't have access to. Now calls
`security_manager.can_access_chart()` after verifying charts exist, returning
an error listing inaccessible chart IDs.
2. **`update_chart`**: Previously did not validate dataset access before
applying configuration changes. Users could update charts whose underlying
dataset they cannot access. Now calls `validate_chart_dataset(chart,
check_access=True)` after finding the chart, returning a structured
`DatasetNotAccessible` error before any DB writes.
Both fixes reuse existing utilities (`security_manager.can_access_chart` and
`validate_chart_dataset`) that are already used in other MCP tools like
`get_chart_info`.
### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
N/A - backend-only changes
### TESTING INSTRUCTIONS
1. Run MCP unit tests:
```bash
pytest tests/unit_tests/mcp_service/ -x
```
2. Verify new tests pass:
- `test_generate_dashboard_inaccessible_charts` - asserts error when user
lacks chart access
- `test_update_chart_dataset_access_denied` - asserts error when dataset
is inaccessible
- `test_update_chart_dataset_not_found` - asserts error when dataset is
deleted
3. Verify existing tests still pass (no regression):
- `test_generate_dashboard_basic` and all other dashboard generation tests
- All existing `TestUpdateChart` tests
### ADDITIONAL INFORMATION
- [ ] Has associated issue:
- [ ] Required feature flags:
- [ ] Changes UI
- [ ] Includes DB Migration (follow approval process in
[SIP-59](https://github.com/apache/superset/issues/13351))
- [ ] Migration is atomic, supports rollback & is backwards-compatible
- [ ] Confirm DB migration upgrade and downgrade tested
- [ ] Runtime estimates and downtime expectations provided
- [ ] Introduces new feature or API
- [ ] Removes existing feature or API
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
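
The `generate_dashboard` gap described in the summary, as an added example that is not code from the pull request or from Superset. `Chart`, `Store`, `FakeSecurityManager` and the error names `ChartsNotFound` / `ChartsNotAccessible` are hypothetical stand-ins; only the idea of calling `can_access_chart()` after the existence check, and before any write, comes from the PR text.

```python
from dataclasses import dataclass, field

# Stand-ins constructed for this example; none of this is Superset code.
@dataclass
class Chart:
    id: int
    owner_role: str

@dataclass
class FakeSecurityManager:
    """Plays the role of security_manager.can_access_chart() named in the PR."""
    role: str

    def can_access_chart(self, chart: Chart) -> bool:
        return chart.owner_role == self.role

@dataclass
class Store:
    charts: dict
    dashboards: list = field(default_factory=list)

def generate_dashboard(store, security_manager, chart_ids, check_access=True):
    """Write the dashboard only if every chart exists and is accessible."""
    missing = [cid for cid in chart_ids if cid not in store.charts]
    if missing:
        return {"error": "ChartsNotFound", "chart_ids": missing}
    if check_access:
        # Existence is not authorization: check each chart against the caller.
        denied = [cid for cid in chart_ids
                  if not security_manager.can_access_chart(store.charts[cid])]
        if denied:
            return {"error": "ChartsNotAccessible", "chart_ids": denied}
    store.dashboards.append(list(chart_ids))
    return {"dashboard_id": len(store.dashboards), "chart_ids": list(chart_ids)}

def demo():
    """Same request with the old (existence-only) and new (access-checked) path."""
    charts = {1: Chart(1, "sales"), 2: Chart(2, "finance")}
    sm = FakeSecurityManager(role="sales")
    before, after = Store(dict(charts)), Store(dict(charts))
    r_before = generate_dashboard(before, sm, [1, 2], check_access=False)
    r_after = generate_dashboard(after, sm, [1, 2])
    return r_before, len(before.dashboards), r_after, len(after.dashboards)

if __name__ == "__main__":
    print(demo())
```

With the check disabled the dashboard is written even though chart 2 belongs to a role the caller does not hold; with it enabled the call returns the denied IDs and the store is untouched.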