bito-code-review[bot] commented on code in PR #40956: URL: https://github.com/apache/superset/pull/40956#discussion_r3494559844
########## tests/unit_tests/mcp_service/dashboard/tool/test_delete_dashboard.py: ########## @@ -0,0 +1,152 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +""" +Unit tests for the delete_dashboard MCP tool. + +Covers: +- Successful delete (happy path) +- confirm=false refusal (safety gate) +- Dashboard not found +- Permission denied (user does not own the dashboard) +""" + +from unittest.mock import Mock, patch + +import pytest +from fastmcp import Client + +from superset.mcp_service.app import mcp + + [email protected] +def mcp_server() -> object: + """Return the FastMCP app instance for use in MCP client tests.""" + return mcp + + [email protected](autouse=True) +def mock_auth(): + """Mock authentication for all tests.""" + with patch("superset.mcp_service.auth.get_user_from_request") as mock_get_user: + mock_user = Mock() + mock_user.id = 1 + mock_user.username = "admin" + mock_get_user.return_value = mock_user + yield mock_get_user + + +def _mock_dashboard(id: int = 1, title: str = "Sales Dashboard") -> Mock: + """Create a minimal mock Dashboard object.""" + dashboard = Mock() + dashboard.id = id + dashboard.dashboard_title = title + dashboard.slug = f"test-dashboard-{id}" + return dashboard + + +@patch("superset.commands.dashboard.delete.DeleteDashboardCommand") +@patch("superset.daos.dashboard.DashboardDAO.find_by_id") [email protected] +async def test_successful_delete( + mock_find_by_id: Mock, mock_delete_cmd_cls: Mock, mcp_server: object +) -> None: + """Happy path: dashboard deleted, summary echoed back.""" + mock_find_by_id.return_value = _mock_dashboard(id=1, title="Sales Dashboard") + mock_delete_cmd = Mock() + mock_delete_cmd.run.return_value = None + mock_delete_cmd_cls.return_value = mock_delete_cmd + + async with Client(mcp_server) as client: + result = await client.call_tool( + "delete_dashboard", + {"request": {"dashboard_id": 1, "confirm": True}}, + ) + + content = result.structured_content + assert content["deleted"] is True + assert content["error"] is None + assert content["dashboard"]["id"] == 1 + assert "Sales Dashboard" in content["dashboard"]["dashboard_title"] + assert "test-dashboard-1" in content["dashboard"]["slug"] + mock_delete_cmd_cls.assert_called_once_with([1]) + mock_delete_cmd.run.assert_called_once() + + +@patch("superset.commands.dashboard.delete.DeleteDashboardCommand") +@patch("superset.daos.dashboard.DashboardDAO.find_by_id") [email protected] +async def test_not_confirmed_refusal( + mock_find_by_id: Mock, mock_delete_cmd_cls: Mock, mcp_server: object +) -> None: + """confirm=false: the tool refuses and nothing is deleted.""" + async with Client(mcp_server) as client: + result = await client.call_tool( + "delete_dashboard", + {"request": {"dashboard_id": 1, "confirm": False}}, + ) + + content = result.structured_content + assert content["deleted"] is False + assert content["dashboard"] is None + assert "confirm" in (content["error"] or "").lower() + mock_find_by_id.assert_not_called() + mock_delete_cmd_cls.assert_not_called() + + +@patch("superset.daos.dashboard.DashboardDAO.find_by_id") [email protected] +async def test_dashboard_not_found(mock_find_by_id: Mock, mcp_server: object) -> None: + """Returns a clear error when the target dashboard does not exist.""" + mock_find_by_id.return_value = None + + async with Client(mcp_server) as client: + result = await client.call_tool( + "delete_dashboard", + {"request": {"dashboard_id": 999, "confirm": True}}, + ) + + content = result.structured_content + assert content["deleted"] is False + assert content["dashboard"] is None + assert "not found" in (content["error"] or "").lower() + + +@patch("superset.commands.dashboard.delete.DeleteDashboardCommand") +@patch("superset.daos.dashboard.DashboardDAO.find_by_id") [email protected] +async def test_permission_denied( + mock_find_by_id: Mock, mock_delete_cmd_cls: Mock, mcp_server: object +) -> None: + """Returns a structured error when the user cannot delete the dashboard.""" + from superset.commands.dashboard.exceptions import DashboardForbiddenError + Review Comment: <div> <div id="suggestion"> <div id="issue"><b>Missing error case test coverage</b></div> <div id="fix"> No test covers `DashboardDeleteFailedError` exception path (lines 129-137 in delete_dashboard.py). BITO.md rule [11730] requires tests for 'error scenarios, validation failures'. Without this test, errors during delete (e.g., associated alerts/reports blocking deletion) cannot be detected as regressions. </div> </div> <small><i>Code Review Run #2b445d</i></small> </div> --- Should Bito avoid suggestions like this for future reviews? (<a href=https://alpha.bito.ai/home/ai-agents/review-rules>Manage Rules</a>) - [ ] Yes, avoid them ########## superset/mcp_service/dashboard/schemas.py: ########## @@ -613,6 +613,60 @@ def sanitize_error_for_llm_context(cls, value: str | None) -> str | None: return sanitize_for_llm_context(value, field_path=("error",)) +class DeleteDashboardRequest(BaseModel): + """Request schema for deleting a dashboard.""" + + dashboard_id: int = Field(..., description="ID of the dashboard to delete") + confirm: bool = Field( + ..., + description=( + "Explicit confirmation of the deletion. Deleting a dashboard is " + "permanent and cannot be undone. The tool refuses to delete unless " + "this is set to true." + ), + ) + + +class DeletedDashboardSummary(BaseModel): + """Summary of a dashboard targeted for deletion.""" + + id: int = Field(..., description="ID of the dashboard") + dashboard_title: str | None = Field(None, description="Title of the dashboard") + slug: str | None = Field(None, description="Slug of the dashboard") + + @field_validator("dashboard_title", "slug") + @classmethod + def sanitize_text_for_llm_context(cls, value: str | None) -> str | None: + """Wrap user-controlled dashboard text before LLM exposure.""" + if value is None: + return value + return sanitize_for_llm_context(value, field_path=("dashboard",)) + + +class DeleteDashboardResponse(BaseModel): + """Response schema for deleting a dashboard.""" + + deleted: bool = Field( + False, description="True when the dashboard was permanently deleted" + ) + dashboard: DeletedDashboardSummary | None = Field( + None, description="Summary of the deleted (or targeted) dashboard" + ) + error: str | None = Field(None, description="Error message, if operation failed") + + @field_validator("error") + @classmethod + def sanitize_error_for_llm_context(cls, value: str | None) -> str | None: + """Wrap error text before it is exposed to LLM context. + + The error may echo the dashboard-controlled title — it must be wrapped + so the LLM treats it as data, not instructions. + """ + if value is None: + return value + return sanitize_for_llm_context(value, field_path=("error",)) Review Comment: <div> <div id="suggestion"> <div id="issue"><b>Missing schema validator tests</b></div> <div id="fix"> The new `DeleteDashboardRequest`, `DeletedDashboardSummary`, and `DeleteDashboardResponse` schemas introduce `field_validator` decorators that wrap user-controlled fields (`dashboard_title`, `slug`, `error`) for LLM context protection. Per adaptive rule [11731], new MCP schemas must include dedicated unit tests covering schema serialization and validation. The existing `test_delete_dashboard.py` only tests tool behavior, not the schema validators themselves. Without tests, the sanitization logic lacks verification and could silently break on future changes. </div> </div> <small><i>Code Review Run #2b445d</i></small> </div> --- Should Bito avoid suggestions like this for future reviews? (<a href=https://alpha.bito.ai/home/ai-agents/review-rules>Manage Rules</a>) - [ ] Yes, avoid them -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
