bito-code-review[bot] commented on PR #41217:
URL: https://github.com/apache/superset/pull/41217#issuecomment-4748510852
<!-- Bito Reply -->
The flagged issue is correct. Allowing `0` as a valid dataset ID can lead to
unintended global RLS rules because downstream logic treats falsy values as
global. To resolve this, you can use a `validate` argument with
`marshmallow.validate.Range` to ensure the `dataset` field only accepts
positive integers.
Here is the implementation:
```python
from marshmallow import fields, validate
class RlsRuleSchema(Schema):
# ...
dataset = fields.Integer(validate=validate.Range(min=1))
clause = fields.String(required=True)
```
Regarding other comments on this PR, there are no additional review comments
in the provided context. If you have more comments to address, please provide
them, and I will be happy to help validate and implement fixes for them.
**superset/security/api.py**
```
from marshmallow import fields, validate
class RlsRuleSchema(Schema):
# ...
dataset = fields.Integer(validate=validate.Range(min=1))
clause = fields.String(required=True)
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
