fix(mcp): coerce Role ORM objects to role names in UserInfo schema#40746
Conversation
There was a problem hiding this comment.
Pull request overview
This PR addresses MCP tool response serialization failures by ensuring UserInfo.roles can be validated when SQLAlchemy provides Role ORM objects (instead of strings), preventing Pydantic validation errors in MCP tool outputs.
Changes:
- Adds a
field_validator("roles", mode="before")onUserInfoto coerce role-like objects to role-name strings.
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #40746 +/- ##
==========================================
- Coverage 64.70% 64.69% -0.02%
==========================================
Files 2701 2701
Lines 149839 149863 +24
Branches 34497 34504 +7
==========================================
- Hits 96958 96955 -3
- Misses 51106 51130 +24
- Partials 1775 1778 +3
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
|
Pushed an update to the
Let me know if anything else looks off. |
✅ Deploy Preview for superset-docs-preview ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
There was a problem hiding this comment.
Code Review Agent Run #22db82
Actionable Suggestions - 1
-
superset/mcp_service/user/schemas.py - 1
- Duplicate role extraction logic · Line 118-125
Review Details
-
Files reviewed - 2 · Commit Range:
b7aa1f3..c397f7c- superset/mcp_service/user/schemas.py
- tests/unit_tests/mcp_service/user/test_schemas.py
-
Files skipped - 0
-
Tools
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
- MyPy (Static Code Analysis) - ✔︎ Successful
- Astral Ruff (Static Code Analysis) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
|
Good catch on the spacing. Added the missing blank line between the validator and the next field. |
ec7ac64 to
b784651
Compare
5327c63 to
a259d32
Compare
There was a problem hiding this comment.
Code Review Agent Run #64cd4a
Actionable Suggestions - 2
-
tests/unit_tests/mcp_service/user/test_schemas.py - 2
- Incomplete test assertions · Line 65-80
- Incomplete test assertions · Line 83-101
Review Details
-
Files reviewed - 2 · Commit Range:
f4d11ac..899150b- superset/mcp_service/user/schemas.py
- tests/unit_tests/mcp_service/user/test_schemas.py
-
Files skipped - 0
-
Tools
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
- MyPy (Static Code Analysis) - ✔︎ Successful
- Astral Ruff (Static Code Analysis) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
d291e7e to
d050377
Compare
f399be6 to
4e4d133
Compare
There was a problem hiding this comment.
Code Review Agent Run #8137cc
Actionable Suggestions - 1
-
superset/mcp_service/user/schemas.py - 1
- Move try-except outside loop · Line 306-316
Additional Suggestions - 2
-
tests/unit_tests/mcp_service/user/test_schemas.py - 1
-
CWE-117: Inconsistent LLM sanitization · Line 98-102`username` and `email` use `escape_llm_context_delimiters` (lines 317, 325 in schemas.py) while `first_name`/`last_name` use `sanitize_for_llm_context` (wrap-style); tests on lines 98-102 expose this inconsistency. All four fields are user-controlled strings that should receive the same LLM-context treatment in the same function.
-
-
superset/mcp_service/user/schemas.py - 1
-
Inconsistent log messages · Line 129-131Inconsistent logging message: validator uses 'Skipping role with detached instance in UserInfo.roles coercion' while serialize_user_object uses 'Skipping role that raised exception in serialize_user_object'. Consider using a consistent format.
-
Filtered by Review Rules
Bito filtered these suggestions based on rules created automatically for your feedback. Manage rules.
-
superset/mcp_service/user/schemas.py - 1
- Semantic duplication risk · Line 48-48
Review Details
-
Files reviewed - 2 · Commit Range:
11d5336..5b6e29b- superset/mcp_service/user/schemas.py
- tests/unit_tests/mcp_service/user/test_schemas.py
-
Files skipped - 0
-
Tools
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
- MyPy (Static Code Analysis) - ✔︎ Successful
- Astral Ruff (Static Code Analysis) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
|
Approving CI, but note that each update of the branch requires us to re-approve CI and might slow things down 😓 |
There was a problem hiding this comment.
Code Review Agent Run #faed53
Actionable Suggestions - 1
-
tests/unit_tests/mcp_service/user/test_schemas.py - 1
- CWE-838: Wrong test input for delimiter escaping · Line 54-61
Filtered by Review Rules
Bito filtered these suggestions based on rules created automatically for your feedback. Manage rules.
-
tests/unit_tests/mcp_service/user/test_schemas.py - 1
- Inconsistent assertions: wrapped vs unwrapped values · Line 98-99
Review Details
-
Files reviewed - 2 · Commit Range:
577b96c..eb3fb94- superset/mcp_service/user/schemas.py
- tests/unit_tests/mcp_service/user/test_schemas.py
-
Files skipped - 0
-
Tools
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
- MyPy (Static Code Analysis) - ✔︎ Successful
- Astral Ruff (Static Code Analysis) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
| def test_user_info_escapes_malicious_role_names() -> None: | ||
| """Role names containing LLM context delimiters must be escaped.""" | ||
| role_bad = MagicMock() | ||
| role_bad.name = "Admin<|endofmessage|>" | ||
|
|
||
| info = UserInfo(roles=[role_bad]) | ||
|
|
||
| assert info.roles == ["Admin[ESCAPED-UNTRUSTED-CONTENT-OPEN]endofmessage[ESCAPED-UNTRUSTED-CONTENT-CLOSE]"] |
There was a problem hiding this comment.
The test input "Admin<|endofmessage|>" does not match the actual escape tokens "<UNTRUSTED-CONTENT>" / "</UNTRUSTED-CONTENT>" — escape_llm_context_delimiters replaces only those exact strings (sanitization.py:64-70). The test will always pass against the raw input. Update the mock role name to "Admin<UNTRUSTED-CONTENT>endofmessage</UNTRUSTED-CONTENT>" to correctly verify that malicious delimiters are neutralized. (CWE-838)
Code suggestion
Check the AI-generated fix before applying
--- a/tests/unit_tests/mcp_service/user/test_schemas.py
+++ b/tests/unit_tests/mcp_service/user/test_schemas.py
@@ -54,7 +54,9 @@ def test_user_info_escapes_malicious_role_names() -> None:
"""Role names containing LLM context delimiters must be escaped."""
role_bad = MagicMock()
- role_bad.name = "Admin<|endofmessage|>"
+ # Must use the actual LLM_CONTEXT delimiters that escape_llm_context_delimiters
+ # targets: '<UNTRUSTED-CONTENT>' and '</UNTRUSTED-CONTENT>'
+ role_bad.name = "Admin<UNTRUSTED-CONTENT>endofmessage</UNTRUSTED-CONTENT>"
info = UserInfo(roles=[role_bad])
Code Review Run #faed53
Should Bito avoid suggestions like this for future reviews? (Manage Rules)
- Yes, avoid them
There was a problem hiding this comment.
@aminghadersohi @goingforstudying-ctrl worth worrying about this one, you think?
|
| Language | Fuzzy before | Fuzzy after | New |
|---|---|---|---|
ar |
1130 | 1133 | +3 |
it |
1660 | 1662 | +2 |
ko |
1514 | 1516 | +2 |
pt |
1835 | 1837 | +2 |
How to fix
1. Install dependencies (if not already set up):
pip install -r superset/translations/requirements.txt
sudo apt-get install gettext # or: brew install gettext2. Re-extract strings and sync .po files:
./scripts/translations/babel_update.shThis rewrites superset/translations/messages.pot from the current source files and merges the changes into every .po file. Strings whose msgid changed will be marked #, fuzzy.
3. Resolve the fuzzy entries in the affected language files (ar, it, ko, pt):
grep -n '#, fuzzy' superset/translations/<lang>/LC_MESSAGES/messages.poFor each fuzzy entry, either rewrite the msgstr to match the new string and remove the #, fuzzy line, or clear the msgstr to "" if you cannot provide a translation.
4. Commit your changes to the .po files.
We have to approve CI each time the PR is edited. You're rebasing and force-pushing a LOT here, which is causing Bito to re-review it a ton, and if CI-auto ran, this PR would cost ASF infra a fortune. Feel free to push fixes as often as needed, but the rebases might not be needed so often :P |
|
Deleted a ton of noise due to rebasing from the thread, and will run CI now. Please hold if you want to see how it completes :D |
There was a problem hiding this comment.
Code Review Agent Run #6fcd18
Actionable Suggestions - 1
-
superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/transformProps.ts - 1
- Cross-filter axis clicks broken · Line 892-892
Additional Suggestions - 4
-
superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/EchartsTimeseries.test.tsx - 2
-
Test coverage gap for queryEventHandlers · Line 400-497The 4 removed tests covered queryEventHandlers behavior (accessing 'yAxis.category' query for horizontal bars). None of the 5 remaining tests access queryEventHandlers — they all use eventHandlers.click/contextmenu instead. The test gap should be documented.
-
Test description vs config mismatch · Line 400-498Test names say 'horizontal categorical bar' but the tests omit the `orientation` prop, defaulting to `OrientationType.Vertical` from `defaultFormData`. The deleted tests explicitly set `orientation: OrientationType.Horizontal`. If horizontal orientation behavior is the intended scenario, add `orientation: OrientationType.Horizontal` to `propsWithHorizontalXAxis`.
-
-
superset/mcp_service/user/schemas.py - 1
-
Missing HTML sanitization on roles · Line 298-300The original `serialize_user_object` wrapped roles with `sanitize_for_llm_context(r, field_path=('roles',))` before the list comprehension. This performed HTML stripping. The new code (lines 308-311) only applies `escape_llm_context_delimiters`. If role names can contain HTML that should be stripped (like first_name/last_name), this behavior change may be unintended.
-
-
superset-frontend/src/features/tags/BulkTagModal.test.tsx - 1
-
describe blocks contradict project guidance · Line 39-40This change wraps 6 independent `test()` calls in a `describe` block, which contradicts AGENTS.md's directive to `Use test() instead of describe()` (see https://kentcdodds.com/blog/avoid-nesting-when-youre-testing). The TODO comment acknowledges this anti-pattern but doesn't address it. Flat test files improve readability and maintainability.
Code suggestion
--- superset-frontend/src/features/tags/BulkTagModal.test.tsx (lines 39-44) --- 39: -// eslint-disable-next-line no-restricted-globals -- TODO: Migrate from describe blocks 39: -describe('BulkTagModal', () => { 39: +afterEach(() => { 40: - afterEach(() => { 41: + fetchMock.clearHistory().removeRoutes(); 42: - fetchMock.clearHistory().removeRoutes(); 42: + jest.clearAllMocks(); 43: - jest.clearAllMocks(); 43: - }); 44: +});
-
Filtered by Review Rules
Bito filtered these suggestions based on rules created automatically for your feedback. Manage rules.
-
superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/EchartsTimeseries.tsx - 1
- Dead prop passing to Echart · Line 440-440
Review Details
-
Files reviewed - 11 · Commit Range:
f2094f7..f2094f7- superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/EchartsTimeseries.test.tsx
- superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/EchartsTimeseries.tsx
- superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/transformProps.ts
- superset-frontend/plugins/plugin-chart-echarts/src/components/Echart.tsx
- superset-frontend/plugins/plugin-chart-echarts/src/types.ts
- superset-frontend/plugins/plugin-chart-echarts/test/Timeseries/transformProps.test.ts
- superset-frontend/src/features/tags/BulkTagModal.test.tsx
- superset-frontend/src/hooks/useThemeMenuItems.test.tsx
- superset-frontend/src/utils/common.test.tsx
- superset/mcp_service/user/schemas.py
- tests/unit_tests/mcp_service/user/test_schemas.py
-
Files skipped - 0
-
Tools
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
- Eslint (Linter) - ✔︎ Successful
- MyPy (Static Code Analysis) - ✔︎ Successful
- Astral Ruff (Static Code Analysis) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
|
Fixed the current CI failures on the latest push: ruff formatting/import ordering in the user schema tests, and the ECharts query event handler support needed by Verified locally:
The pull_request workflows are currently waiting for maintainer approval to run after this push. |
There was a problem hiding this comment.
Code Review Agent Run #0d2268
Actionable Suggestions - 1
-
superset-frontend/src/features/tags/BulkTagModal.test.tsx - 1
- Test pattern regression · Line 39-40
Additional Suggestions - 1
-
superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/EchartsTimeseries.test.tsx - 1
-
Missing test for axis-label click behavior · Line 364-511After removing `queryEventHandlers` and the `componentType === 'series'` guard, axis-label clicks in vertical charts now emit cross-filter via `props.name`. The removed test 'does not emit duplicate cross-filter for generic axis label clicks' validated the old behavior. Add a test confirming horizontal bar axis-label clicks emit cross-filter with the category value, since this specific scenario has no coverage after the refactor.
-
Filtered by Review Rules
Bito filtered these suggestions based on rules created automatically for your feedback. Manage rules.
-
superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/transformProps.ts - 1
- Misleading commit message masking functional changes · Line 889-895
-
tests/unit_tests/mcp_service/user/test_schemas.py - 1
- Test assertion checks wrapped output · Line 100-100
Review Details
-
Files reviewed - 9 · Commit Range:
77a0e23..01c0dc0- superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/EchartsTimeseries.test.tsx
- superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/EchartsTimeseries.tsx
- superset-frontend/plugins/plugin-chart-echarts/src/Timeseries/transformProps.ts
- superset-frontend/plugins/plugin-chart-echarts/test/Timeseries/transformProps.test.ts
- superset-frontend/src/features/tags/BulkTagModal.test.tsx
- superset-frontend/src/hooks/useThemeMenuItems.test.tsx
- superset-frontend/src/utils/common.test.tsx
- superset/mcp_service/user/schemas.py
- tests/unit_tests/mcp_service/user/test_schemas.py
-
Files skipped - 0
-
Tools
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
- Eslint (Linter) - ✔︎ Successful
- MyPy (Static Code Analysis) - ✔︎ Successful
- Astral Ruff (Static Code Analysis) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
|
Looks like some pretty worrisome bot review comments above... can we avoid those test and functionality regressions? |
|
Running CI again, but would still appreciate comments on the open review comments above. Seems like you might have addressed them, but I'll give it a more thorough review when CI is (hopefully) green. |
There was a problem hiding this comment.
Code Review Agent Run #012b19
Actionable Suggestions - 2
-
tests/unit_tests/mcp_service/user/test_schemas.py - 2
- CWE-20: Untested string-escape path · Line 29-33
- CWE-20: Incomplete escape coverage · Line 53-63
Filtered by Review Rules
Bito filtered these suggestions based on rules created automatically for your feedback. Manage rules.
-
tests/unit_tests/mcp_service/user/test_schemas.py - 2
- CWE-20: Wrong assertion on sanitized output · Line 104-109
- CWE-20: Wrong assertion on sanitized output · Line 114-145
Review Details
-
Files reviewed - 2 · Commit Range:
5c5c98e..5c5c98e- superset/mcp_service/user/schemas.py
- tests/unit_tests/mcp_service/user/test_schemas.py
-
Files skipped - 0
-
Tools
- MyPy (Static Code Analysis) - ✔︎ Successful
- Astral Ruff (Static Code Analysis) - ✔︎ Successful
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
There was a problem hiding this comment.
Code Review Agent Run #fa460d
Actionable Suggestions - 1
-
superset/mcp_service/user/schemas.py - 1
- Refactor loop with try-except · Line 307-317
Filtered by Review Rules
Bito filtered these suggestions based on rules created automatically for your feedback. Manage rules.
-
tests/unit_tests/mcp_service/user/test_schemas.py - 1
- Test assertion uses implicit string concatenation · Line 60-73
-
superset/mcp_service/user/schemas.py - 1
- Duplicated role coercion across validator and serializer · Line 111-132
Review Details
-
Files reviewed - 2 · Commit Range:
942f325..b29704c- superset/mcp_service/user/schemas.py
- tests/unit_tests/mcp_service/user/test_schemas.py
-
Files skipped - 0
-
Tools
- MyPy (Static Code Analysis) - ✔︎ Successful
- Astral Ruff (Static Code Analysis) - ✔︎ Successful
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
There was a problem hiding this comment.
Code Review Agent Run #b65788
Actionable Suggestions - 1
-
superset/mcp_service/user/schemas.py - 1
- Move try-except outside loop for performance · Line 309-316
Review Details
-
Files reviewed - 2 · Commit Range:
30ff64e..34d6fd1- superset/mcp_service/user/schemas.py
- tests/unit_tests/mcp_service/user/test_schemas.py
-
Files skipped - 0
-
Tools
- MyPy (Static Code Analysis) - ✔︎ Successful
- Astral Ruff (Static Code Analysis) - ✔︎ Successful
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
|
Running CI again. @aminghadersohi you might want to give this another review pass, including any open/unaddressed bot comments. |
|
Some people I can never get to rebase, but this one is getting rebased TOO often... please let CI sit if/when it turns green, otherwise this will never merge. |
Code Review Agent Run #d26f01Actionable Suggestions - 0Additional Suggestions - 1
Filtered by Review RulesBito filtered these suggestions based on rules created automatically for your feedback. Manage rules.
Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help |
Code Review Agent Run #1e200eActionable Suggestions - 0Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help |
Code Review Agent Run #29af93Actionable Suggestions - 0Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help |
- Add _extract_role_names field validator to UserInfo.roles to coerce Role ORM objects to their .name strings, handling DetachedInstanceError - Update serialize_user_object to use the same coercion and escape LLM context delimiters on role names - Add unit tests for role coercion, escaping, and detached instance handling Fixes apache#40746
- Move logger import after third-party imports to fix ruff E402 - Replace hasattr(item, "name") with direct item.name access inside try/except to correctly catch DetachedInstanceError from SQLAlchemy lazy loads - Catch AttributeError alongside DetachedInstanceError for robustness - Remove unnecessary continue statements in _extract_role_names - Fix vacuous ternary in serialize_user_object: roles=roles instead of roles=roles if roles is not None else None Addresses review comments from aminghadersohi on PR apache#40746.
…in serialize_user_object sanitize_for_llm_context wraps strings in UNTRUSTED-CONTENT tags, which breaks round-trip assertions in unit tests. Operational identifiers like first_name and last_name should only have delimiter tokens escaped, not wrapped, matching the username/email pattern. Also update the malicious-role-names test to expect the new escaped delimiter format [ESCAPED-UNTRUSTED-CONTENT-OPEN]...[/CLOSE].
The escape_llm_context_delimiters helper only replaces explicit UNTRUSTED-CONTENT tokens, not arbitrary <|...|> substrings. Update the test assertion to match the actual behavior. Signed-off-by: goingforstudying-ctrl <goingforstudying-ctrl@users.noreply.github.com>
- Revert serialize_user_object to use sanitize_for_llm_context for first_name and last_name so user-controlled name fields are wrapped in explicit LLM-context delimiters. - Update test_schemas.py assertions to expect wrapped values. - Fix ruff import sorting in test_schemas.py.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Code Review Agent Run #10604eActionable Suggestions - 1
Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help |
Fixes #40733
Problem
Multiple MCP tools (
get_dataset_info,get_chart_info,generate_chart) fail with a Pydantic validation error when the calling user has Superset roles assigned:The
UserInfomodel usesfrom_attributes=True, so Pydantic mapsuser.rolesdirectly. With the SQLAlchemy ORM,rolesreturnsRoleobjects—not strings—causing serialization to fail.Fix
Add a
field_validator("roles", mode=before)toUserInfothat coerces each item:str, keep it.nameattribute (Role ORM object), extractstr(item.name)This is idempotent and backward-compatible.
Impact
generate_chartwithsave_chart=trueno longer silently saves while reporting failure