bito-code-review[bot] commented on code in PR #36933: URL: https://github.com/apache/superset/pull/36933#discussion_r2891481915
########## superset/models/embedded_chart.py: ########## @@ -0,0 +1,58 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +import uuid + +from flask_appbuilder import Model +from sqlalchemy import Column, ForeignKey, Integer, Text +from sqlalchemy.orm import relationship +from sqlalchemy_utils import UUIDType + +from superset.models.helpers import AuditMixinNullable + + +class EmbeddedChart(Model, AuditMixinNullable): + """ + A configuration of embedding for a chart. + + References the chart (slice), and contains a config for embedding that chart. + + This data model allows multiple configurations for a given chart, + but at this time the API only allows setting one. + """ + + __tablename__ = "embedded_charts" + + uuid = Column(UUIDType(binary=True), default=uuid.uuid4, primary_key=True) + allow_domain_list = Column(Text) # reference the `allowed_domains` property instead + chart_id = Column( + Integer, + ForeignKey("slices.id", ondelete="CASCADE"), + nullable=False, + ) + chart = relationship( + "Slice", + back_populates="embedded", + foreign_keys=[chart_id], + ) + + @property + def allowed_domains(self) -> list[str]: + """ + A list of domains which are allowed to embed the chart. + An empty list means any domain can embed. + """ + return self.allow_domain_list.split(",") if self.allow_domain_list else [] Review Comment: <div> <div id="suggestion"> <div id="issue"><b>Domain parsing robustness</b></div> <div id="fix"> The allowed_domains property splits the comma-separated domain list but does not handle whitespace around domains or empty entries, which could lead to incorrect embedding validation. Consider stripping whitespace and filtering empties for robustness. </div> <details> <summary> <b>Code suggestion</b> </summary> <blockquote>Check the AI-generated fix before applying</blockquote> <div id="code"> ````suggestion return [domain.strip() for domain in self.allow_domain_list.split(",") if domain.strip()] if self.allow_domain_list else [] ```` </div> </details> </div> <small><i>Code Review Run #04cac8</i></small> </div> --- Should Bito avoid suggestions like this for future reviews? (<a href=https://alpha.bito.ai/home/ai-agents/review-rules>Manage Rules</a>) - [ ] Yes, avoid them ########## superset/views/embedded_charts.py: ########## @@ -0,0 +1,34 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +from flask_appbuilder import expose, has_access + +from superset.constants import MODEL_VIEW_RW_METHOD_PERMISSION_MAP +from superset.superset_typing import FlaskResponse +from superset.views.base import BaseSupersetView + + +class EmbeddedChartsView(BaseSupersetView): + """View for managing embedded charts list.""" + + route_base = "/embeddedcharts" + class_permission_name = "Chart" + method_permission_name = MODEL_VIEW_RW_METHOD_PERMISSION_MAP + + @expose("/list/") + @has_access + def list(self) -> FlaskResponse: + return super().render_app_template() Review Comment: <div> <div id="suggestion"> <div id="issue"><b>Incorrect frontend entry for embedded view</b></div> <div id="fix"> The render_app_template call defaults to entry="spa", but for the embedded charts view, it appears entry="embedded" should be used to load the appropriate frontend application, similar to how embedded dashboards specify this parameter. </div> <details> <summary> <b>Code suggestion</b> </summary> <blockquote>Check the AI-generated fix before applying</blockquote> <div id="code"> ````suggestion return super().render_app_template(entry="embedded") ```` </div> </details> </div> <small><i>Code Review Run #04cac8</i></small> </div> --- Should Bito avoid suggestions like this for future reviews? (<a href=https://alpha.bito.ai/home/ai-agents/review-rules>Manage Rules</a>) - [ ] Yes, avoid them ########## superset/embedded_chart/exceptions.py: ########## @@ -0,0 +1,35 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +from superset.exceptions import SupersetException + + +class EmbeddedChartPermalinkNotFoundError(SupersetException): + """Raised when an embedded chart permalink is not found or has expired.""" + + message = "The embedded chart permalink could not be found or has expired." Review Comment: <div> <div id="suggestion"> <div id="issue"><b>I18n and HTTP status codes missing</b></div> <div id="fix"> Exception messages should use lazy_gettext for i18n support, and classes need status codes for proper HTTP responses. The api.py handlers already return 401/404, but status attributes ensure consistency. </div> <details> <summary> <b>Code suggestion</b> </summary> <blockquote>Check the AI-generated fix before applying</blockquote> <div id="code"> ``` - from superset.exceptions import SupersetException - - - class EmbeddedChartPermalinkNotFoundError(SupersetException): + from superset.exceptions import SupersetException + from flask_babel import lazy_gettext as _ + + + class EmbeddedChartPermalinkNotFoundError(SupersetException): @@ -23,2 +24,3 @@ - message = "The embedded chart permalink could not be found or has expired." - + message = _("The embedded chart permalink could not be found or has expired.") + status = 404 + @@ -29,1 +31,2 @@ - message = "Access to this embedded chart is denied." + message = _("Access to this embedded chart is denied.") + status = 403 @@ -35,1 +38,2 @@ - message = "The embeddable charts feature is not enabled." + message = _("The embeddable charts feature is not enabled.") + status = 403 ``` </div> </details> </div> <small><i>Code Review Run #04cac8</i></small> </div> --- Should Bito avoid suggestions like this for future reviews? (<a href=https://alpha.bito.ai/home/ai-agents/review-rules>Manage Rules</a>) - [ ] Yes, avoid them ########## superset/commands/chart/delete.py: ########## @@ -68,3 +69,16 @@ def validate(self) -> None: security_manager.raise_for_ownership(model) except SupersetSecurityException as ex: raise ChartForbiddenError() from ex + + +class DeleteEmbeddedChartCommand(BaseCommand): + def __init__(self, chart: Slice): + self._chart = chart + + @transaction(on_error=partial(on_error, reraise=ChartDeleteEmbeddedFailedError)) + def run(self) -> None: + self.validate() + return EmbeddedChartDAO.delete(self._chart.embedded) + + def validate(self) -> None: + pass Review Comment: <div> <div id="suggestion"> <div id="issue"><b>Security: Missing Ownership Check</b></div> <div id="fix"> The validate method lacks ownership checking, unlike DeleteChartCommand. This could allow unauthorized deletion of embedded charts, posing a security risk. </div> <details> <summary> <b>Code suggestion</b> </summary> <blockquote>Check the AI-generated fix before applying</blockquote> <div id="code"> ````suggestion try: security_manager.raise_for_ownership(self._chart) except SupersetSecurityException as ex: raise ChartForbiddenError() from ex ```` </div> </details> </div> <small><i>Code Review Run #04cac8</i></small> </div> --- Should Bito avoid suggestions like this for future reviews? (<a href=https://alpha.bito.ai/home/ai-agents/review-rules>Manage Rules</a>) - [ ] Yes, avoid them -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
