aminghadersohi opened a new pull request, #40771:
URL: https://github.com/apache/superset/pull/40771
### SUMMARY
`ModelListCore._get_columns_to_load()` only stripped `USER_DIRECTORY_FIELDS`
from caller-supplied `select_columns`, but did not enforce the `all_columns`
allowlist that `get_database_columns()` already uses to exclude credential
fields (`password`, `sqlalchemy_uri`, `encrypted_extra`, `server_cert`). A
caller could therefore pass those names via `select_columns` and have them
appear in `columns_loaded`/`columns_requested` in the MCP response metadata
and be forwarded to the DAO query.
**Fix**: after `filter_user_directory_columns`, restrict the column list to
`self._all_columns` when it is set. For `list_databases` this means only
columns surfaced in `columns_available` (which already excludes the four
credential fields via `DATABASE_EXCLUDE_COLUMNS`) can be loaded.
### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
N/A — backend-only change.
### TESTING INSTRUCTIONS
New unit tests cover the fix:
```bash
pytest tests/unit_tests/mcp_service/system/tool/test_mcp_core.py \
  -k "test_model_list_tool_rejects_columns_not_in_all_columns or test_model_list_tool_rejects_only_excluded_columns_raises"
pytest tests/unit_tests/mcp_service/database/tool/test_database_tools.py \
  -k "test_list_databases_does_not_expose_sensitive_credential_columns"
```
### ADDITIONAL INFORMATION
- [ ] Has associated issue:
- [ ] Required feature flags:
- [ ] Changes UI
- [ ] Includes DB Migration (follow approval process in [SIP-59](https://github.com/apache/superset/issues/13351))
  - [ ] Migration is atomic, supports rollback & is backwards-compatible
  - [ ] Confirm DB migration upgrade and downgrade tested
  - [ ] Runtime estimates and downtime expectations provided
- [ ] Introduces new feature or API
- [ ] Removes existing feature or API
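The gap described in the summary above, as an added example that is not code from the pull request or from Superset: a denylist-only column filter beside one that also intersects with an allowlist. The function names, the sample model columns, the stand-in for `USER_DIRECTORY_FIELDS` and the fail-closed `ValueError` are assumptions; only the four credential field names come from the PR text.

```python
# Added illustration; names below are hypothetical, not Superset's implementation.
SENSITIVE = {"password", "sqlalchemy_uri", "encrypted_extra", "server_cert"}  # from the PR text
USER_DIRECTORY = {"created_by", "changed_by"}  # constructed stand-in for USER_DIRECTORY_FIELDS
MODEL_COLUMNS = ["id", "database_name", "backend", "created_by", *sorted(SENSITIVE)]  # constructed
# Allowlist built as the PR describes columns_available: model columns minus the excluded ones.
ALL_COLUMNS = [c for c in MODEL_COLUMNS if c not in SENSITIVE]


def columns_before(select_columns):
    """Denylist only: strips user-directory fields, anything else passes through."""
    return [c for c in select_columns if c not in USER_DIRECTORY]


def columns_after(select_columns, all_columns=ALL_COLUMNS):
    """Denylist first, then intersect with the allowlist when one is set."""
    cols = [c for c in select_columns if c not in USER_DIRECTORY]
    if all_columns is not None:
        allowed = set(all_columns)
        cols = [c for c in cols if c in allowed]
    if not cols:
        # Assumption: fail closed rather than fall back to a default column set.
        raise ValueError("no permitted columns in select_columns")
    return cols


def leaked(columns):
    """Audit helper: credential fields present in a resolved column list."""
    return sorted(SENSITIVE.intersection(columns))


if __name__ == "__main__":
    request = ["id", "database_name", "password", "sqlalchemy_uri", "created_by"]  # constructed
    print("before:", columns_before(request), "leaked:", leaked(columns_before(request)))
    print("after: ", columns_after(request), "leaked:", leaked(columns_after(request)))
```

The `leaked` helper is also usable as a regression assertion over whatever column list a list endpoint reports back in its response metadata.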