fix(chart-data): return 403 for SupersetSecurityException in chart data API#41865
Conversation
Code Review Agent Run #24ca65Actionable Suggestions - 0Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #41865 +/- ##
==========================================
- Coverage 64.70% 64.65% -0.06%
==========================================
Files 2701 2702 +1
Lines 149843 150141 +298
Branches 34501 34553 +52
==========================================
+ Hits 96962 97067 +105
- Misses 51103 51285 +182
- Partials 1778 1789 +11
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
✅ Deploy Preview for superset-docs-preview ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
Code Review Agent Run #50f104Actionable Suggestions - 0Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help |
|
Thank you for the contribution |
SUMMARY
This change ensures that chart data API endpoints consistently return HTTP 403 Forbidden when a
SupersetSecurityExceptionis raised during request validation.Previously, these exceptions were not explicitly handled, allowing them to propagate as an internal server error (HTTP 500). This resulted in callers, including the Alerts & Reports CSV generation flow, receiving an unexpected 500 response instead of the appropriate authorization error.
This patch adds explicit handling for
SupersetSecurityExceptionin the affected chart data API endpoints by returningresponse_403(), aligning their behavior with other protected Superset endpoints.BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
Not applicable.
TESTING INSTRUCTIONS
SupersetSecurityException.ADDITIONAL INFORMATION