codeant-ai-for-open-source[bot] commented on code in PR #40673:
URL: https://github.com/apache/superset/pull/40673#discussion_r3400950302
##########
superset/databases/api.py:
##########
@@ -569,7 +574,10 @@ def put(self, pk: int) -> Response:
exc_info=True,
)
return self.response_422(message=str(ex))
- except (SSHTunnelingNotEnabledError, SSHTunnelDatabasePortError) as ex:
+ except (
+ SSHTunnelingNotEnabledError,
+ SSHTunnelDatabasePortError,
+ ) as ex:
return self.response_400(message=str(ex))
Review Comment:
**Suggestion:** The update endpoint does not catch
`SSHTunnelHostKeyVerificationError`, so host-key verification failures raised
during database update can bypass this handler and return an unhandled/generic
error instead of the intended user-facing SSH host-key message. Include this
exception in the same `except` block to preserve the specific message and
consistent 400 handling for update, matching create and test-connection paths.
[api mismatch]
<details>
<summary><b>Severity Level:</b> Major ⚠️</summary>
```mdx
- ❌ PUT /api/v1/database/<pk> can return generic 500.
- ❌ SSH host-key mismatch message lost on database update.
- ⚠️ Inconsistent SSH tunnel error handling vs create/test_connection.
```
</details>
<details>
<summary><b>Steps of Reproduction ✅ </b></summary>
```mdx
1. Trigger the update endpoint `DatabaseRestApi.put` by issuing `PUT
/api/v1/database/<pk>` with a JSON body, which is handled by `put()` in
`superset/databases/api.py:496-87` and calls `UpdateDatabaseCommand(pk,
item).run()` at
`superset/databases/api.py:58-59`.
2. Inside `UpdateDatabaseCommand.run`
(`superset/commands/database/update.py:54-118`),
after `DatabaseDAO.update` builds the `database` object, the command invokes
`SyncPermissionsCommand(..., db_connection=database).run()` at
`superset/commands/database/update.py:105-114`.
3. `SyncPermissionsCommand.validate`
(`superset/commands/database/sync_permissions.py:90-117`) opens a SQLAlchemy
engine with
`with self.db_connection.get_sqla_engine() as engine:`, which for databases
with an
associated SSH tunnel (`Database.ssh_tunnel` not None) calls
`ssh_manager_factory.instance.create_tunnel(...)` inside
`Database.get_sqla_engine`
(`superset/models/core.py:24-35`), and `SSHManager.create_tunnel` then runs
`_verify_host_key(ssh_tunnel)` before opening the tunnel
(`superset/extensions/ssh.py:68-82`).
4. When host-key pinning is misconfigured (e.g., strict checking enabled
with no key, an
invalid `server_host_key`, or a host-key mismatch) `_verify_host_key` raises
`SSHTunnelHostKeyVerificationError`
(`superset/extensions/ssh.py:12-27,35-42,46-51,55-66`
/ `superset/commands/database/ssh_tunnel/exceptions.py:80-83`), which
bubbles up through
`SyncPermissionsCommand.run` and `UpdateDatabaseCommand.run`; since
`DatabaseRestApi.put`
only catches `SSHTunnelingNotEnabledError` and `SSHTunnelDatabasePortError`
in the block
at `superset/databases/api.py:82-86` and does not include
`SSHTunnelHostKeyVerificationError`, this exception bypasses the 400 handler
and is turned
into a generic unhandled error by Flask/FAB, unlike the create (`post`) and
`test_connection` endpoints in the same file which explicitly catch
`SSHTunnelHostKeyVerificationError` and return a 400 with the specific
message (see
`superset/databases/api.py:475-493` and
`superset/databases/api.py:1289-1307`).
```
</details>
[Fix in
Cursor](https://app.codeant.ai/fix-in-ide?tool=cursor&prompt_id=85e32eb35d604b2abbd02a762a0d3b16&service=github&base_url=https%3A%2F%2Fgithub.com&org=apache&repo=apache%2Fsuperset)
| [Fix in VSCode
Claude](https://app.codeant.ai/fix-in-ide?tool=vscode-claude&prompt_id=85e32eb35d604b2abbd02a762a0d3b16&service=github&base_url=https%3A%2F%2Fgithub.com&org=apache&repo=apache%2Fsuperset)
*(Use Cmd/Ctrl + Click for best experience)*
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:** superset/databases/api.py
**Line:** 577:581
**Comment:**
*Api Mismatch: The update endpoint does not catch
`SSHTunnelHostKeyVerificationError`, so host-key verification failures raised
during database update can bypass this handler and return an unhandled/generic
error instead of the intended user-facing SSH host-key message. Include this
exception in the same `except` block to preserve the specific message and
consistent 400 handling for update, matching create and test-connection paths.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
Once fix is implemented, also check other comments on the same PR, and ask
user if the user wants to fix the rest of the comments as well. if said yes,
then fetch all the comments validate the correctness and implement a minimal fix
```
</details>
<a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40673&comment_hash=a721d72ad7c94fecbf274fb4e90b5e4e7394036fd5ffba2d0b795e038e097778&reaction=like'>👍</a>
| <a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40673&comment_hash=a721d72ad7c94fecbf274fb4e90b5e4e7394036fd5ffba2d0b795e038e097778&reaction=dislike'>👎</a>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
