codeant-ai-for-open-source[bot] commented on code in PR #40860:
URL: https://github.com/apache/superset/pull/40860#discussion_r3408595800
##########
superset/databases/api.py:
##########
@@ -1718,6 +1718,15 @@ def upload_metadata(self) -> Response:
$ref: '#/components/responses/401'
404:
$ref: '#/components/responses/404'
+ 413:
+ description: Payload too large, file exceeds the maximum allowed
size
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ message:
+ type: string
Review Comment:
✅ **Customized review instruction saved!**
**Instruction:**
> Do not flag the documented error response shape in this API file when it
intentionally follows the existing local house style; broader response-envelope
cleanup should be handled separately rather than as a one-off fix in this file.
**Applied to:**
- `superset/databases/api.py`
---
💡 *To manage or update this instruction, visit: [CodeAnt AI
Settings](https://app.codeant.ai/org/settings/learnings)*
##########
superset/databases/api.py:
##########
@@ -1777,6 +1787,15 @@ def upload(self, pk: int) -> Response:
$ref: '#/components/responses/401'
404:
$ref: '#/components/responses/404'
+ 413:
+ description: Payload too large, file exceeds the maximum allowed
size
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ message:
+ type: string
Review Comment:
✅ **Customized review instruction saved!**
**Instruction:**
> In superset/databases/api.py, keep the documented shape of shared error
responses consistent with the surrounding responses in this file (e.g.
`{message: string}`), even if the runtime `CommandException` envelope uses
`errors`. Do not flag the 413 response as a mismatch unless the broader
error-response docs are being cleaned up together.
**Applied to:**
- `superset/databases/api.py`
---
💡 *To manage or update this instruction, visit: [CodeAnt AI
Settings](https://app.codeant.ai/org/settings/learnings)*
##########
tests/unit_tests/commands/databases/upload_command_test.py:
##########
@@ -0,0 +1,147 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+import io
+from unittest.mock import MagicMock
+
+import pytest
+from pytest_mock import MockerFixture
+from werkzeug.datastructures import FileStorage
+
+from superset.commands.database.exceptions import DatabaseUploadFileTooLarge
+from superset.commands.database.uploaders.base import UploadCommand
+
+
+def _file(contents: bytes) -> FileStorage:
+ return FileStorage(stream=io.BytesIO(contents), filename="data.bin")
+
+
+def test_file_size_bytes_does_not_consume_stream() -> None:
+ file = _file(b"abcdefghij") # 10 bytes
+ assert UploadCommand._file_size_bytes(file) == 10
+ # the stream is left at its original position so processing still works
+ assert file.stream.read() == b"abcdefghij"
+
+
+def _command(file: FileStorage) -> UploadCommand:
+ # the reader is not exercised by validate(); a stub is sufficient
+ return UploadCommand(
+ model_id=1,
+ table_name="t",
+ file=file,
+ schema=None,
+ reader=MagicMock(),
+ )
+
+
+def _stub_passing_checks(mocker: MockerFixture) -> None:
+ model = mocker.MagicMock()
+ model.db_engine_spec.supports_file_upload = True
+ mocker.patch(
+ "superset.commands.database.uploaders.base.DatabaseDAO.find_by_id",
+ return_value=model,
+ )
+ mocker.patch(
+ "superset.commands.database.uploaders.base.schema_allows_file_upload",
+ return_value=True,
+ )
+
+
+def test_validate_rejects_file_over_limit(
+ app_context: None, mocker: MockerFixture
+) -> None:
+ _stub_passing_checks(mocker)
+ mocker.patch.dict(
+ "superset.commands.database.uploaders.base.current_app.config",
+ {"UPLOAD_MAX_FILE_SIZE_BYTES": 4},
+ )
+ command = _command(_file(b"too many bytes"))
+ with pytest.raises(DatabaseUploadFileTooLarge):
+ command.validate()
+
+
+def test_validate_allows_file_within_limit(
+ app_context: None, mocker: MockerFixture
+) -> None:
+ _stub_passing_checks(mocker)
+ mocker.patch.dict(
+ "superset.commands.database.uploaders.base.current_app.config",
+ {"UPLOAD_MAX_FILE_SIZE_BYTES": 1024},
+ )
+ command = _command(_file(b"small"))
+ command.validate() # should not raise
+
+
+def test_validate_no_limit_when_disabled(
+ app_context: None, mocker: MockerFixture
+) -> None:
+ _stub_passing_checks(mocker)
+ mocker.patch.dict(
+ "superset.commands.database.uploaders.base.current_app.config",
+ {"UPLOAD_MAX_FILE_SIZE_BYTES": None},
+ )
+ command = _command(_file(b"x" * 10_000))
+ command.validate() # limit explicitly disabled (None) -> no rejection
+
+
+def test_validate_file_size_rejects_over_limit(
+ app_context: None, mocker: MockerFixture
+) -> None:
+ # the shared helper is used by both the upload and metadata paths
+ mocker.patch.dict(
+ "superset.commands.database.uploaders.base.current_app.config",
+ {"UPLOAD_MAX_FILE_SIZE_BYTES": 4},
+ )
+ with pytest.raises(DatabaseUploadFileTooLarge):
+ UploadCommand.validate_file_size(_file(b"too many bytes"))
+
+
+def test_validate_file_size_allows_within_limit(
+ app_context: None, mocker: MockerFixture
+) -> None:
+ mocker.patch.dict(
+ "superset.commands.database.uploaders.base.current_app.config",
+ {"UPLOAD_MAX_FILE_SIZE_BYTES": 1024},
+ )
+ UploadCommand.validate_file_size(_file(b"small")) # should not raise
+
+
+class _NonSeekableStream(io.RawIOBase):
+ def seekable(self) -> bool:
+ return False
+
+ def tell(self) -> int:
+ raise OSError("not seekable")
+
+
+def _non_seekable_file() -> FileStorage:
Review Comment:
✅ **Customized review instruction saved!**
**Instruction:**
> Avoid requiring docstrings for tiny test-only helpers and fixtures in test
files; name-based clarity is sufficient there.
**Applied to:**
- `**/test/**`
- `**/tests/**`
- `**/*test*.py`
---
💡 *To manage or update this instruction, visit: [CodeAnt AI
Settings](https://app.codeant.ai/org/settings/learnings)*
##########
tests/unit_tests/commands/databases/upload_command_test.py:
##########
@@ -0,0 +1,147 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+import io
+from unittest.mock import MagicMock
+
+import pytest
+from pytest_mock import MockerFixture
+from werkzeug.datastructures import FileStorage
+
+from superset.commands.database.exceptions import DatabaseUploadFileTooLarge
+from superset.commands.database.uploaders.base import UploadCommand
+
+
+def _file(contents: bytes) -> FileStorage:
+ return FileStorage(stream=io.BytesIO(contents), filename="data.bin")
+
+
+def test_file_size_bytes_does_not_consume_stream() -> None:
+ file = _file(b"abcdefghij") # 10 bytes
+ assert UploadCommand._file_size_bytes(file) == 10
+ # the stream is left at its original position so processing still works
+ assert file.stream.read() == b"abcdefghij"
+
+
+def _command(file: FileStorage) -> UploadCommand:
+ # the reader is not exercised by validate(); a stub is sufficient
+ return UploadCommand(
+ model_id=1,
+ table_name="t",
+ file=file,
+ schema=None,
+ reader=MagicMock(),
+ )
+
+
+def _stub_passing_checks(mocker: MockerFixture) -> None:
+ model = mocker.MagicMock()
+ model.db_engine_spec.supports_file_upload = True
+ mocker.patch(
+ "superset.commands.database.uploaders.base.DatabaseDAO.find_by_id",
+ return_value=model,
+ )
+ mocker.patch(
+ "superset.commands.database.uploaders.base.schema_allows_file_upload",
+ return_value=True,
+ )
+
+
+def test_validate_rejects_file_over_limit(
+ app_context: None, mocker: MockerFixture
+) -> None:
+ _stub_passing_checks(mocker)
+ mocker.patch.dict(
+ "superset.commands.database.uploaders.base.current_app.config",
+ {"UPLOAD_MAX_FILE_SIZE_BYTES": 4},
+ )
+ command = _command(_file(b"too many bytes"))
+ with pytest.raises(DatabaseUploadFileTooLarge):
+ command.validate()
+
+
+def test_validate_allows_file_within_limit(
+ app_context: None, mocker: MockerFixture
+) -> None:
+ _stub_passing_checks(mocker)
+ mocker.patch.dict(
+ "superset.commands.database.uploaders.base.current_app.config",
+ {"UPLOAD_MAX_FILE_SIZE_BYTES": 1024},
+ )
+ command = _command(_file(b"small"))
+ command.validate() # should not raise
+
+
+def test_validate_no_limit_when_disabled(
+ app_context: None, mocker: MockerFixture
+) -> None:
+ _stub_passing_checks(mocker)
+ mocker.patch.dict(
+ "superset.commands.database.uploaders.base.current_app.config",
+ {"UPLOAD_MAX_FILE_SIZE_BYTES": None},
+ )
+ command = _command(_file(b"x" * 10_000))
+ command.validate() # limit explicitly disabled (None) -> no rejection
+
+
+def test_validate_file_size_rejects_over_limit(
+ app_context: None, mocker: MockerFixture
+) -> None:
+ # the shared helper is used by both the upload and metadata paths
+ mocker.patch.dict(
+ "superset.commands.database.uploaders.base.current_app.config",
+ {"UPLOAD_MAX_FILE_SIZE_BYTES": 4},
+ )
+ with pytest.raises(DatabaseUploadFileTooLarge):
+ UploadCommand.validate_file_size(_file(b"too many bytes"))
+
+
+def test_validate_file_size_allows_within_limit(
+ app_context: None, mocker: MockerFixture
+) -> None:
+ mocker.patch.dict(
+ "superset.commands.database.uploaders.base.current_app.config",
+ {"UPLOAD_MAX_FILE_SIZE_BYTES": 1024},
+ )
+ UploadCommand.validate_file_size(_file(b"small")) # should not raise
+
+
+class _NonSeekableStream(io.RawIOBase):
Review Comment:
✅ **Customized review instruction saved!**
**Instruction:**
> Do not require docstrings for tiny test-only helper classes or fixtures in
test files when the class name already clearly describes its purpose.
**Applied to:**
- `**/test/**`
- `**/tests/**`
- `**/*test*.py`
---
💡 *To manage or update this instruction, visit: [CodeAnt AI
Settings](https://app.codeant.ai/org/settings/learnings)*
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
