codeant-ai-for-open-source[bot] commented on code in PR #40729:
URL: https://github.com/apache/superset/pull/40729#discussion_r3366040290
##########
superset-frontend/src/embedded/index.tsx:
##########
@@ -172,32 +184,34 @@ function start() {
method: 'GET',
endpoint: '/api/v1/me/roles/',
});
- return getMeWithRole().then(
- ({ result }) => {
- // fill in some missing bootstrap data
- // (because at pageload, we don't have any auth yet)
- // this allows the frontend's permissions checks to work.
- bootstrapData.user = result;
- store.dispatch({
- type: USER_LOADED,
- user: result,
- });
- if (!root) {
- root = createRoot(appMountPoint);
- }
- root.render(<EmbeddedApp />);
- },
- err => {
- // something is most likely wrong with the guest token; reset the guard
- // so a rehandshake with a valid token can retry.
- logging.error(err);
- showFailureMessage(
- t(
- 'Something went wrong with embedded authentication. Check the dev
console for details.',
- ),
- );
- started = false;
- },
+ return pluginsReady.then(() =>
+ getMeWithRole().then(
+ ({ result }) => {
+ // fill in some missing bootstrap data
+ // (because at pageload, we don't have any auth yet)
+ // this allows the frontend's permissions checks to work.
+ bootstrapData.user = result;
+ store.dispatch({
+ type: USER_LOADED,
+ user: result,
+ });
+ if (!root) {
+ root = createRoot(appMountPoint);
+ }
+ root.render(<EmbeddedApp />);
+ },
+ err => {
+ // something is most likely wrong with the guest token; reset the guard
+ // so a rehandshake with a valid token can retry.
+ logging.error(err);
+ showFailureMessage(
+ t(
+ 'Something went wrong with embedded authentication. Check the dev
console for details.',
+ ),
+ );
+ started = false;
+ },
+ ),
);
Review Comment:
**Suggestion:** `start()` now returns the `pluginsReady` promise but never
handles its rejection path. If `setupPlugins()` or `setupCodeOverrides()`
throws inside `pluginsReady`, this chain rejects before `getMeWithRole()` runs,
producing an unhandled promise rejection and leaving the `started` guard stuck
at `true`, so later guest-token retries cannot restart initialization. Add a
rejection handler around `pluginsReady` in `start()` that logs/shows an error
and resets `started` to allow retry. [logic error]
<details>
<summary><b>Severity Level:</b> Major ⚠️</summary>
```mdx
- ❌ Embedded dashboard cannot recover from plugin init failures.
- ⚠️ Guest token retries ignored due to stuck started flag.
- ⚠️ Unhandled promise rejection noise in browser console.
```
</details>
<details>
<summary><b>Steps of Reproduction ✅ </b></summary>
```mdx
1. Load the embedded dashboard entrypoint
`superset-frontend/src/embedded/index.tsx`,
which defines the `pluginsReady` promise at lines 56–66 by calling
`initPreamble().catch(...).then(() => { setupPlugins(); setupCodeOverrides({
embedded:
true }); })`.
2. Observe that `Switchboard.defineMethod('guestToken', ...)` at lines
246–252 calls
`setupGuestClient(guestToken); start();` and ignores the promise returned by
`start()` (no
`.then`/`.catch` around it).
3. When `start()` runs (line 180), it sets `started = true` (line 182) and
returns
`pluginsReady.then(() => getMeWithRole().then(...))` (lines 187–215); if
`setupPlugins()`
or `setupCodeOverrides()` throws synchronously inside the `pluginsReady`
`.then` callback
(line 63–65), `pluginsReady` rejects and the `pluginsReady.then(() => ...)`
chain in
`start()` also rejects before `getMeWithRole()` is called, with no rejection
handler
attached.
4. Because the rejection is unhandled, the browser logs an unhandled promise
rejection,
the `started` flag remains `true` (only reset in the `getMeWithRole` error
handler at
lines 203–213, which is never reached in this failure mode), and subsequent
`guestToken`
invocations via Switchboard cannot successfully call `start()` again (line
181
early-returns when `started` is true), leaving the embedded app unable to
retry
initialization.
```
</details>
[Fix in
Cursor](https://app.codeant.ai/fix-in-ide?tool=cursor&prompt_id=dc6380ba02774d8ab9551a4883ea0172&service=github&base_url=https%3A%2F%2Fgithub.com&org=apache&repo=apache%2Fsuperset)
| [Fix in VSCode
Claude](https://app.codeant.ai/fix-in-ide?tool=vscode-claude&prompt_id=dc6380ba02774d8ab9551a4883ea0172&service=github&base_url=https%3A%2F%2Fgithub.com&org=apache&repo=apache%2Fsuperset)
*(Use Cmd/Ctrl + Click for best experience)*
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:** superset-frontend/src/embedded/index.tsx
**Line:** 187:215
**Comment:**
*Logic Error: `start()` now returns the `pluginsReady` promise but
never handles its rejection path. If `setupPlugins()` or `setupCodeOverrides()`
throws inside `pluginsReady`, this chain rejects before `getMeWithRole()` runs,
producing an unhandled promise rejection and leaving the `started` guard stuck
at `true`, so later guest-token retries cannot restart initialization. Add a
rejection handler around `pluginsReady` in `start()` that logs/shows an error
and resets `started` to allow retry.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
Once fix is implemented, also check other comments on the same PR, and ask
user if the user wants to fix the rest of the comments as well. if said yes,
then fetch all the comments validate the correctness and implement a minimal fix
```
</details>
<a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40729&comment_hash=0a03ea61263113cbcdb2ce9acf5a3594edb6e4f0b16967225a1a5c4c8f8b6ae7&reaction=like'>👍</a>
| <a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40729&comment_hash=0a03ea61263113cbcdb2ce9acf5a3594edb6e4f0b16967225a1a5c4c8f8b6ae7&reaction=dislike'>👎</a>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
