codeant-ai-for-open-source[bot] commented on code in PR #40955:
URL: https://github.com/apache/superset/pull/40955#discussion_r3408041395
##########
superset/commands/chart/update.py:
##########
@@ -101,6 +103,51 @@ def _validate_new_dashboard_access(
if not security_manager.is_owner(dash):
raise DashboardsForbiddenError()
+ def _validate_query_context_datasource(
+ self, exceptions: list[ValidationError]
+ ) -> None:
+ """
+ Ensure a query-context-only update keeps the chart's own datasource.
+
+ The submitted query context is only verified when it carries a
parseable
+ ``datasource`` object; a payload that references a different
datasource than
+ the chart's persisted one is rejected. Payloads without a datasource
fall
+ back to the chart's datasource at execution time and need no check.
+ """
+ if not self._model:
+ return
+
+ raw_query_context = self._properties.get("query_context")
+ if not raw_query_context:
+ return
+
+ try:
+ query_context = json.loads(raw_query_context)
+ except (TypeError, ValueError):
+ # An unparseable payload cannot be verified or replayed; leave it
for
+ # downstream handling rather than guessing at its intent.
+ return
+
+ datasource = (
+ query_context.get("datasource") if isinstance(query_context, dict)
else None
+ )
+ if not isinstance(datasource, dict):
+ return
+
+ try:
+ ids_match = int(datasource["id"]) == self._model.datasource_id
+ except (KeyError, TypeError, ValueError):
+ ids_match = False
+
+ datasource_type = datasource.get("type")
+ types_match = (
+ datasource_type is None
+ or str(datasource_type) == self._model.datasource_type
+ )
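Review bot: `types_match` at the end of the hunk accepts a `datasource` object that has no `type` key (`datasource_type is None`), and the earlier `if not isinstance(datasource, dict): return` guard skips every check when `datasource` is present but not a dict (a string, for example), although the docstring only promises that payloads *without* a datasource can be skipped. Consider requiring `type` to be present and equal to `self._model.datasource_type` whenever a `datasource` object is supplied, and either rejecting non-dict `datasource` values or stating in the docstring that they are deliberately left to downstream handling.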
Review Comment:
**Suggestion:** The datasource type check currently treats a missing
`datasource.type` as valid, so a query-context-only update can store a
datasource object with just an id. That payload later reaches query-context
loading, where datasource conversion expects `type` to exist and can fail at
runtime (or leave the chart with an unusable saved query context). Require
`datasource.type` to be present and equal to the chart datasource type when a
`datasource` object is provided. [incomplete implementation]
<details>
<summary><b>Severity Level:</b> Major ⚠️</summary>
```mdx
- ❌ Dashboard datasets builder crashes on malformed chart query_context.
- ❌ Annotations using chart.get_query_context can raise KeyError.
- ⚠️ Charts API accepts invalid query_context without immediate error.
```
</details>
<details>
<summary><b>Steps of Reproduction ✅ </b></summary>
```mdx
1. Update a chart via the Charts REST API `PUT /api/v1/chart/<id>` (implemented in `superset/charts/api.py:439`) with a JSON body containing only `query_context` and `query_context_generation`, where `query_context` is a JSON string like `{"datasource": {"id": <chart.datasource_id>}, "queries": []}` (i.e., `datasource.id` present but `datasource.type` omitted).
2. The request JSON is validated by `ChartPutSchema` in `superset/charts/schemas.py:48-80` (which treats `query_context` as an arbitrary JSON string) and then passed to `UpdateChartCommand(pk, item).run()` in `superset/charts/api.py:439`, which calls `UpdateChartCommand.validate()` in `superset/commands/chart/update.py:151-197`.
3. Inside `UpdateChartCommand.validate`, the payload is recognized as a query-context-only update by `is_query_context_update` (`superset/commands/chart/update.py:51-54`), so ownership is relaxed and `_validate_query_context_datasource` is invoked; there, the code at `superset/commands/chart/update.py:137-146` computes `ids_match = int(datasource["id"]) == self._model.datasource_id` and then `datasource_type = datasource.get("type")` followed by `types_match = (datasource_type is None or str(datasource_type) == self._model.datasource_type)`, so a `datasource` dict with a matching `id` but missing `type` (`datasource_type is None`) is treated as valid and no `ChartQueryContextDatasourceMismatchValidationError` is added to `exceptions`.
4. Later, when a dashboard containing this chart is loaded, `Dashboard.datasets_trimmed_for_slices` in `superset/models/dashboard.py:1-19` calls `datasource.data_for_slices(list(slices))`, which in the SqlaTable implementation (`superset/connectors/sqla/models.py:6-77`) calls `slc.get_query_context()` for each slice; `Slice.get_query_context` (`superset/models/slice.py:7-16`) does `json.loads(self.query_context)` and passes the resulting dict (containing `datasource={"id": <id>}` but no `type`) into `QueryContextFactory.create` (`superset/common/query_context_factory.py:7-68`), whose `_convert_to_model` at `superset/common/query_context_factory.py:70-74` accesses `datasource["type"]` directly; because `type` is missing, this raises `KeyError`, which is not caught by `get_query_context` or `data_for_slices`, causing a runtime error when loading the dashboard or any other code path that calls `Slice.get_query_context()` on the affected chart.
```
</details>
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:** superset/commands/chart/update.py
**Line:** 142:146
**Comment:**
*Incomplete Implementation: The datasource type check currently treats
a missing `datasource.type` as valid, so a query-context-only update can store
a datasource object with just an id. That payload later reaches query-context
loading, where datasource conversion expects `type` to exist and can fail at
runtime (or leave the chart with an unusable saved query context). Require
`datasource.type` to be present and equal to the chart datasource type when a
`datasource` object is provided.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
Once fix is implemented, also check other comments on the same PR, and ask
user if the user wants to fix the rest of the comments as well. if said yes,
then fetch all the comments validate the correctness and implement a minimal fix
```
</details>
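To make the suggested fix concrete, here is an added stand-alone example (not code from the Superset PR) that mirrors the control flow of `_validate_query_context_datasource` but treats a missing `datasource.type` as a mismatch; `ChartStub` and `MISMATCH` are hypothetical stand-ins for the chart model and the validation error.

```python
# Added example, not the Superset PR's own code: a stand-alone version of the
# datasource check with the review's suggested fix applied, so a query_context
# whose ``datasource`` object omits ``type`` is rejected at validation time
# instead of being saved and later raising KeyError during query-context loading.
import json
from dataclasses import dataclass
from typing import Optional

MISMATCH = "query_context datasource does not match the chart's datasource"


@dataclass
class ChartStub:
    """Hypothetical stand-in for the persisted chart model (constructed)."""

    datasource_id: int
    datasource_type: str


def validate_query_context_datasource(
    raw_query_context: Optional[str], model: ChartStub
) -> Optional[str]:
    """Return MISMATCH if the submitted datasource differs from the chart's,
    else None. Same control flow as the PR's method, except that a missing
    ``datasource.type`` is treated as a mismatch rather than a pass."""
    if not raw_query_context:
        return None  # nothing submitted: chart datasource is used at execution
    try:
        query_context = json.loads(raw_query_context)
    except (TypeError, ValueError):
        return None  # unparseable payload is left to downstream handling
    datasource = (
        query_context.get("datasource") if isinstance(query_context, dict) else None
    )
    if not isinstance(datasource, dict):
        return None  # no datasource object: falls back to the chart's datasource
    try:
        ids_match = int(datasource["id"]) == model.datasource_id
    except (KeyError, TypeError, ValueError):
        ids_match = False
    datasource_type = datasource.get("type")
    # Hardened check: ``type`` must be present *and* equal to the chart's type.
    types_match = (
        datasource_type is not None
        and str(datasource_type) == model.datasource_type
    )
    return None if ids_match and types_match else MISMATCH
```

With a chart whose `datasource_id` is 7 and `datasource_type` is `"table"`, the reproduction payload `{"datasource": {"id": 7}, "queries": []}` now returns `MISMATCH` instead of passing validation.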
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]