codeant-ai-for-open-source[bot] commented on code in PR #39998:
URL: https://github.com/apache/superset/pull/39998#discussion_r3214992019
##########
superset/commands/dataset/importers/v1/utils.py:
##########
@@ -172,6 +173,14 @@ def import_dataset( # noqa: C901
if dataset.id is None:
db.session.flush()
+ if not ignore_permissions:
+ try:
+ security_manager.raise_for_access(datasource=dataset)
+ except SupersetSecurityException as ex:
+ raise ImportFailedError(
+ "User does not have access to the target dataset"
+ ) from ex
Review Comment:
**Suggestion:** This new access-denial path raises `ImportFailedError`,
which is a 500-class command exception in this codebase. As a result,
permission-denied imports are reported as internal server errors instead of
client validation/authorization failures (the PR expectation says 422). Raise a
4xx-mapped exception type for this branch so unauthorized datasource imports
return the correct HTTP status. [api mismatch]
<details>
<summary><b>Severity Level:</b> Major ⚠️</summary>
```mdx
- ❌ Dataset import endpoint returns 500 on permission-denied imports.
- ⚠️ Clients cannot distinguish auth failures from server crashes.
- ⚠️ API contract/docs advertising 4xx on import mismatched.
```
</details>
<details>
<summary><b>Steps of Reproduction ✅ </b></summary>
```mdx
1. Trigger the dataset import API `POST /api/v1/dataset/import/` implemented
in
`superset/datasets/api.py:930-1032` by uploading a ZIP/YAML bundle that
includes a dataset
whose `database_id` points to a database/schema the current user cannot
access under
normal security rules.
2. In `DatasetRestApi.import_` (`superset/datasets/api.py:930-1032`), the
request file is
parsed into `contents`, and an `ImportDatasetsCommand` is instantiated and
executed at
`superset/datasets/api.py:1022-1032` via `command =
ImportDatasetsCommand(contents, ...)`
followed by `command.run()`.
3. `ImportDatasetsCommand.run()` in
`superset/commands/dataset/importers/dispatcher.py:51-68` dispatches to
`v1.ImportDatasetsCommand`, whose `_import` method in
`superset/commands/dataset/importers/v1/__init__.py:36-43` iterates dataset
configs and
calls `import_dataset(config, overwrite=overwrite)` from
`superset/commands/dataset/importers/v1/utils.py:106-112`.
4. Inside `import_dataset` in
`superset/commands/dataset/importers/v1/utils.py:84-93`,
after the dataset is created/updated and flushed, the new block at lines
176-182 executes
`security_manager.raise_for_access(datasource=dataset)`; for a user without
datasource-level access this raises `SupersetSecurityException`, which is
caught at line
179 and converted to `ImportFailedError` (lines 179-182).
`ImportFailedError` is defined
in `superset/commands/exceptions.py:8-10` with `status = 500`, and the global
`CommandException` handler in `superset/views/error_handling.py:184-212`
returns a JSON
error response with `status=ex.status`, i.e. HTTP 500, so the
permission-denied dataset
import surfaces as a 500 Internal Server Error instead of a 4xx (e.g. 422)
client/authorization error.
```
</details>
[Fix in
Cursor](https://app.codeant.ai/fix-in-ide?tool=cursor&prompt=This%20is%20a%20comment%20left%20during%20a%20code%20review.%0A%0A%2A%2APath%3A%2A%2A%20superset%2Fcommands%2Fdataset%2Fimporters%2Fv1%2Futils.py%0A%2A%2ALine%3A%2A%2A%20179%3A182%0A%2A%2AComment%3A%2A%2A%0A%09%2AApi%20Mismatch%3A%20This%20new%20access-denial%20path%20raises%20%60ImportFailedError%60%2C%20which%20is%20a%20500-class%20command%20exception%20in%20this%20codebase.%20As%20a%20result%2C%20permission-denied%20imports%20are%20reported%20as%20internal%20server%20errors%20instead%20of%20client%20validation%2Fauthorization%20failures%20%28the%20PR%20expectation%20says%20422%29.%20Raise%20a%204xx-mapped%20exception%20type%20for%20this%20branch%20so%20unauthorized%20datasource%20imports%20return%20the%20correct%20HTTP%20status.%0A%0AValidate%20the%20correctness%20of%20the%20flagged%20issue.%20If%20correct%2C%20How%20can%20I%20resolve%20this%3F%20If%20you%20propose%20a%20fix%2C%20implement%20it%20and%20please%
20make%20it%20concise.%0AOnce%20fix%20is%20implemented%2C%20also%20check%20other%20comments%20on%20the%20same%20PR%2C%20and%20ask%20user%20if%20the%20user%20wants%20to%20fix%20the%20rest%20of%20the%20comments%20as%20well.%20if%20said%20yes%2C%20then%20fetch%20all%20the%20comments%20validate%20the%20correctness%20and%20implement%20a%20minimal%20fix%0A)
| [Fix in VSCode
Claude](https://app.codeant.ai/fix-in-ide?tool=vscode-claude&prompt=This%20is%20a%20comment%20left%20during%20a%20code%20review.%0A%0A%2A%2APath%3A%2A%2A%20superset%2Fcommands%2Fdataset%2Fimporters%2Fv1%2Futils.py%0A%2A%2ALine%3A%2A%2A%20179%3A182%0A%2A%2AComment%3A%2A%2A%0A%09%2AApi%20Mismatch%3A%20This%20new%20access-denial%20path%20raises%20%60ImportFailedError%60%2C%20which%20is%20a%20500-class%20command%20exception%20in%20this%20codebase.%20As%20a%20result%2C%20permission-denied%20imports%20are%20reported%20as%20internal%20server%20errors%20instead%20of%20client%20validation%2Fauthorization%20failures%20%28the%20P
R%20expectation%20says%20422%29.%20Raise%20a%204xx-mapped%20exception%20type%20for%20this%20branch%20so%20unauthorized%20datasource%20imports%20return%20the%20correct%20HTTP%20status.%0A%0AValidate%20the%20correctness%20of%20the%20flagged%20issue.%20If%20correct%2C%20How%20can%20I%20resolve%20this%3F%20If%20you%20propose%20a%20fix%2C%20implement%20it%20and%20please%20make%20it%20concise.%0AOnce%20fix%20is%20implemented%2C%20also%20check%20other%20comments%20on%20the%20same%20PR%2C%20and%20ask%20user%20if%20the%20user%20wants%20to%20fix%20the%20rest%20of%20the%20comments%20as%20well.%20if%20said%20yes%2C%20then%20fetch%20all%20the%20comments%20validate%20the%20correctness%20and%20implement%20a%20minimal%20fix%0A)
*(Use Cmd/Ctrl + Click for best experience)*
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:** superset/commands/dataset/importers/v1/utils.py
**Line:** 179:182
**Comment:**
*Api Mismatch: This new access-denial path raises `ImportFailedError`,
which is a 500-class command exception in this codebase. As a result,
permission-denied imports are reported as internal server errors instead of
client validation/authorization failures (the PR expectation says 422). Raise a
4xx-mapped exception type for this branch so unauthorized datasource imports
return the correct HTTP status.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
Once fix is implemented, also check other comments on the same PR, and ask
user if the user wants to fix the rest of the comments as well. if said yes,
then fetch all the comments validate the correctness and implement a minimal fix
```
</details>
<a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F39998&comment_hash=0ddacd4d4cd208a29f69f567549ea3fafb81f761a29b4ab4c890a03988fedbf0&reaction=like'>👍</a>
| <a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F39998&comment_hash=0ddacd4d4cd208a29f69f567549ea3fafb81f761a29b4ab4c890a03988fedbf0&reaction=dislike'>👎</a>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
