codeant-ai-for-open-source[bot] commented on code in PR #40746: URL: https://github.com/apache/superset/pull/40746#discussion_r3395072089
########## tests/unit_tests/mcp_service/user/test_schemas.py: ########## @@ -0,0 +1,101 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +"""Unit tests for user-related MCP schemas.""" + +from unittest.mock import MagicMock + +import pytest +from pydantic import ValidationError +from sqlalchemy.orm.exc import DetachedInstanceError + +from superset.mcp_service.user.schemas import UserInfo, serialize_user_object + + +def test_user_info_rejects_bare_string_for_roles() -> None: + """A plain string must not be silently split into individual characters.""" + with pytest.raises(ValidationError): + UserInfo(roles="Admin") + + +def test_user_info_preserves_empty_roles_list() -> None: + """Empty roles should remain [] so callers can distinguish it from None.""" + info = UserInfo(roles=[]) + assert info.roles == [] + + +def test_user_info_coerces_role_objects_to_names() -> None: + """Role-like ORM objects must be converted to their .name strings.""" + role_admin = MagicMock() + role_admin.name = "Admin" + role_alpha = MagicMock() + role_alpha.name = "Alpha" + + info = UserInfo(roles=[role_admin, role_alpha]) + + assert info.roles == ["Admin", "Alpha"] + + +def test_user_info_ignores_role_with_detached_instance() -> None: + """Detached ORM roles must not blow up serialization.""" + role_good = MagicMock() + role_good.name = "Admin" + role_detached = MagicMock() + role_detached.name = MagicMock(side_effect=DetachedInstanceError()) Review Comment: **Suggestion:** This mock setup does not actually raise `DetachedInstanceError` when `item.name` is accessed, so the test does not exercise the new exception-handling branch and can pass even if that logic breaks. Use a mock object/property that raises on attribute access to validate the intended detached-instance behavior. [code quality] <details> <summary><b>Severity Level:</b> Major ⚠️</summary> ```mdx - ⚠️ DetachedInstanceError path in roles validator untested. - ⚠️ Future regressions in detached-role handling may slip through. ``` </details> <details> <summary><b>Steps of Reproduction ✅ </b></summary> ```mdx 1. Open `tests/unit_tests/mcp_service/user/test_schemas.py` and locate `test_user_info_ignores_role_with_detached_instance` (lines 53–62), which is intended to exercise the `DetachedInstanceError` handling in `_extract_role_names` at `superset/mcp_service/user/schemas.py:125–132`. 2. Note that the test configures `role_detached = MagicMock()` and then `role_detached.name = MagicMock(side_effect=DetachedInstanceError())` at lines 57–58, meaning `role_detached.name` is a callable MagicMock whose side_effect fires only when it is called. 3. In the validator `_extract_role_names` (lines 120–133 in `superset/mcp_service/user/schemas.py`), the code path for non-string roles does `if hasattr(item, "name") and isinstance(item.name, str): result.append(item.name)`; this accesses `item.name` but never calls it, so the MagicMock side_effect is not triggered and `DetachedInstanceError` is never raised during the test. 4. Run `pytest tests/unit_tests/mcp_service/user/test_schemas.py::test_user_info_ignores_role_with_detached_instance` and observe that the test passes even if you remove or break the `except DetachedInstanceError` block in `_extract_role_names`, demonstrating that the detached-instance exception branch is not actually covered by this test and regressions there would go unnoticed. ``` </details> [Fix in Cursor](https://app.codeant.ai/fix-in-ide?tool=cursor&prompt_id=6f5047a764b343839af6721656a19f11&service=github&base_url=https%3A%2F%2Fgithub.com&org=apache&repo=apache%2Fsuperset) | [Fix in VSCode Claude](https://app.codeant.ai/fix-in-ide?tool=vscode-claude&prompt_id=6f5047a764b343839af6721656a19f11&service=github&base_url=https%3A%2F%2Fgithub.com&org=apache&repo=apache%2Fsuperset) *(Use Cmd/Ctrl + Click for best experience)* <details> <summary><b>Prompt for AI Agent 🤖 </b></summary> ```mdx This is a comment left during a code review. **Path:** tests/unit_tests/mcp_service/user/test_schemas.py **Line:** 57:58 **Comment:** *Code Quality: This mock setup does not actually raise `DetachedInstanceError` when `item.name` is accessed, so the test does not exercise the new exception-handling branch and can pass even if that logic breaks. Use a mock object/property that raises on attribute access to validate the intended detached-instance behavior. Validate the correctness of the flagged issue. If correct, How can I resolve this? If you propose a fix, implement it and please make it concise. Once fix is implemented, also check other comments on the same PR, and ask user if the user wants to fix the rest of the comments as well. if said yes, then fetch all the comments validate the correctness and implement a minimal fix ``` </details> <a href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40746&comment_hash=8f047adc0ef91a0bf500a67f4c474a2c074a7b57245a11cf89d78c489d894a6d&reaction=like'>👍</a> | <a href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40746&comment_hash=8f047adc0ef91a0bf500a67f4c474a2c074a7b57245a11cf89d78c489d894a6d&reaction=dislike'>👎</a> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
