Re: [PR] fix(explore): apply per-datasource access check on the legacy explore view [superset]

Thu, 25 Jun 2026 16:00:43 -0700 


bito-code-review[bot] commented on code in PR #41425:
URL: https://github.com/apache/superset/pull/41425#discussion_r3478169505


##########
superset/views/core.py:
##########
@@ -505,6 +505,11 @@ def explore(  # noqa: C901
                     datasource_id,
                 )
 
+        # Apply the same per-datasource access check the explore command 
performs,
+        # so this view is consistent with it before rendering datasource 
metadata.
+        if datasource:
+            security_manager.raise_for_access(datasource=datasource)

Review Comment:
   <div>
   
   
   <div id="suggestion">
   <div id="issue"><b>CWE-552: Unhandled Security Exception</b></div>
   <div id="fix">
   
   The `raise_for_access(datasource=datasource)` call raises 
`SupersetSecurityException` (status 403) when access is denied, but the 
`explore` method has no `@handle_api_exception` decorator and no explicit 
try/except to catch it. All other methods in this class that call 
`raise_for_access` are either decorated with `@handle_api_exception` (e.g. 
`explore_json` at line 279, `dashboard_v2` at line 892) or use an explicit 
try/except block (e.g. `dashboard` at lines 825-830). Without this, the 
exception propagates as a generic 500 HTML page instead of a structured 403 
JSON response, leaking internal details and breaking clients that expect JSON. 
(See also: [CWE-552](https://cwe.mitre.org/data/definitions/552.html))
   </div>
   
   
   <details>
   <summary>
   <b>Code suggestion</b>
   </summary>
   <blockquote>Check the AI-generated fix before applying</blockquote>
   <div id="code">
   
   
   ```
    --- superset/views/core.py (lines 508-512) ---
    510: 
    511: +        if datasource:
    512: +            try:
    513: +                
security_manager.raise_for_access(datasource=datasource)
    514: +            except SupersetSecurityException:
    515: +                return json_error_response(_("Forbidden"), status=403)
    516: +
        (context around 508-517):
        508: 
        509: +        // Apply the same per-datasource access check the explore 
command performs,
        510: +        // so this view is consistent with it before rendering 
datasource metadata.
        511: +        if datasource:
        512: +            try:
        513: +                
security_manager.raise_for_access(datasource=datasource)
        514: +            except SupersetSecurityException:
    515: +                return json_error_response(_("Forbidden"), status=403)
        516: +
    517:           datasource_name = datasource.name if datasource else 
_("[Missing Dataset]")
   ```
   
   </div>
   </details>
   
   
   
   </div>
   
   
   
   
   <small><i>Code Review Run #1d61bf</i></small>
   </div>
   
   ---
   Should Bito avoid suggestions like this for future reviews? (<a 
href=https://alpha.bito.ai/home/ai-agents/review-rules>Manage Rules</a>)
   - [ ] Yes, avoid them



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to