codeant-ai-for-open-source[bot] commented on code in PR #37919:
URL: https://github.com/apache/superset/pull/37919#discussion_r3564764672


##########
superset-frontend/src/features/databases/DatabaseModal/DatabaseConnectionForm/EncryptedField.tsx:
##########
@@ -220,6 +234,7 @@ export const EncryptedField = ({
                       },
                     });
                     setFileList(info.fileList);
+                    getValidation();

Review Comment:
   **Suggestion:** The immediate validation call runs before the parent 
`onParametersChange` state update is applied, so validation is performed on 
stale database state. This can return a false missing-credentials error (or 
keep the button disabled) right after a successful file upload. Trigger 
validation only after the updated credentials are committed (for example by 
validating in a state-change effect or by validating against an explicitly 
built next-state snapshot). [race condition]
   
   <details>
   <summary><b>Severity Level:</b> Critical 🚨</summary>
   
   ```mdx
   - ❌ Dynamic database creation blocked after JSON credential upload.
   - ⚠️ Users see spurious missing-credentials errors on file upload.
   - ⚠️ Connect button stays disabled until manual revalidation occurs.
   - ⚠️ Validation endpoint receives outdated database parameters snapshot.
   ```
   </details>
   <details>
   <summary><b>Steps of Reproduction ✅ </b></summary>
   
   ```mdx
   1. Open the Database modal via the Databases UI, which uses the 
DatabaseModal component in
   `superset-frontend/src/features/databases/DatabaseModal/index.tsx` 
(DatabaseModal function
   definition around the reducer and hooks).
   
   2. In DatabaseModal, note that `useDatabaseValidation()` provides 
`validationErrors`,
   `getValidation`, `isValidating`, and `hasValidated` (hooks.ts:819-131), and 
that
   `getBlurValidation` is defined to call `getValidation(db)` based on the 
current reducer
   state `db` (DatabaseModal/index.tsx snippet lines 114-127 from the 778-1037 
read).
   
   3. Observe that `renderDatabaseConnectionForm` in DatabaseModal 
(index.tsx:1936-2015)
   renders `DatabaseConnectionForm` and passes 
`getValidation={getBlurValidation}` and
   `onParametersChange={handleParametersChange}`. In `DatabaseConnectionForm`
   (`DatabaseConnectionForm/index.tsx`:53-73), this `getValidation` and 
`onParametersChange`
   are forwarded into `changeMethods` and `FieldPropTypes` for dynamic fields 
like
   `credentials_info` and `service_account_info` via `FORM_FIELD_MAP` 
(constants.ts:72-89).
   
   4. In `EncryptedField` (`EncryptedField.tsx`:207-254), select the "Upload 
JSON file"
   option and upload a valid service-credentials JSON. The Upload `onChange` 
handler reads
   the file and calls `changeMethods.onParametersChange` to dispatch an
   `ActionType.ParametersChange` update into the `dbReducer`
   (DatabaseModal/index.tsx:177-225), then immediately calls `getValidation()` 
at lines
   236-237. Because React has not yet re-rendered with the updated
   `db.parameters[encryptedField]`, `getBlurValidation` still sees the old `db` 
snapshot and
   posts it to `/api/v1/database/validate_parameters/` via `getValidation` 
(hooks.ts:7-20),
   which generates `CONNECTION_MISSING_PARAMETERS_ERROR` entries for the 
credential field.
   These stale errors are stored in `validationErrors` and `hasValidated` is 
set, so the
   Connect button in DatabaseModal (index.tsx:1395-1402) remains disabled and 
shows a
   missing-credentials error even though the uploaded file has already been 
written into
   `db.parameters`.
   ```
   </details>
   
   [![Fix in 
Cursor](https://new-codeant-butcket.s3.us-west-1.amazonaws.com/badges/fix-in-cursor-flat.svg)](https://app.codeant.ai/fix-in-ide?tool=cursor&prompt_id=ba6799bce95f405195ff08c0964f278c&service=github&base_url=https%3A%2F%2Fgithub.com&org=apache&repo=apache%2Fsuperset)
 [![Fix in VSCode 
Claude](https://new-codeant-butcket.s3.us-west-1.amazonaws.com/badges/fix-in-vscode-claude-flat.svg)](https://app.codeant.ai/fix-in-ide?tool=vscode-claude&prompt_id=ba6799bce95f405195ff08c0964f278c&service=github&base_url=https%3A%2F%2Fgithub.com&org=apache&repo=apache%2Fsuperset)
   
   *(Use Cmd/Ctrl + Click for best experience)*
   <details>
   <summary><b>Prompt for AI Agent 🤖 </b></summary>
   
   ```mdx
   This is a comment left during a code review.
   
   **Path:** 
superset-frontend/src/features/databases/DatabaseModal/DatabaseConnectionForm/EncryptedField.tsx
   **Line:** 236:237
   **Comment:**
        *Race Condition: The immediate validation call runs before the parent 
`onParametersChange` state update is applied, so validation is performed on 
stale database state. This can return a false missing-credentials error (or 
keep the button disabled) right after a successful file upload. Trigger 
validation only after the updated credentials are committed (for example by 
validating in a state-change effect or by validating against an explicitly 
built next-state snapshot).
   
   Validate the correctness of the flagged issue. If correct, How can I resolve 
this? If you propose a fix, implement it and please make it concise.
   Once fix is implemented, also check other comments on the same PR, and ask 
user if the user wants to fix the rest of the comments as well. if said yes, 
then fetch all the comments validate the correctness and implement a minimal fix
   ```
   </details>
   <a 
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F37919&comment_hash=a74f363487c2621edbe7b7d321015b4e2d4c8077bbdd75e71278e20e645b51ea&reaction=like'>👍</a>
 | <a 
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F37919&comment_hash=a74f363487c2621edbe7b7d321015b4e2d4c8077bbdd75e71278e20e645b51ea&reaction=dislike'>👎</a>



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to