fix(chart): keep query-context updates bound to the chart's datasource#40955
fix(chart): keep query-context updates bound to the chart's datasource#40955rusackas wants to merge 2 commits into
Conversation
Code Review Agent Run #e31e08Actionable Suggestions - 0Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help AI Code Review powered by |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #40955 +/- ##
==========================================
- Coverage 64.28% 64.27% -0.02%
==========================================
Files 2659 2659
Lines 144304 144330 +26
Branches 33260 33264 +4
==========================================
- Hits 92773 92772 -1
- Misses 49902 49927 +25
- Partials 1629 1631 +2
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
On the query-context-only update path UpdateChartCommand intentionally skips the ownership check so report and alert workers can refresh a chart's cached payload. Validate that the submitted query context still targets the chart's own datasource (id and type) before saving, so a cached payload cannot be repointed at an unrelated datasource. Payloads without a parseable datasource fall back to the chart's datasource at execution time and are left unchanged. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
rusackas
force-pushed
the
fix/chart-query-context-datasource-validation
branch
from
d544bff to
1c438a5
Compare
![codeant-ai-for-open-source[bot]](https://avatars.githubusercontent.com/u/151810221?s=60&v=4){kind=small}
A datasource object with a matching id but no type was treated as valid, but query-context loading reads datasource["type"] directly and would raise KeyError when the saved context is later replayed. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Code Review Agent Run #1ef6c1Actionable Suggestions - 0Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help AI Code Review powered by |
2 participants
SUMMARY
When a chart is updated with only a
query_context(the{query_context, query_context_generation}payload that report and alertworkers use to refresh a chart's cached payload),
UpdateChartCommandintentionally skips the ownership check so those background workers can save
context without owning the chart.
This change keeps that payload internally consistent: before saving, it
validates that the submitted
query_context.datasourcestill references thechart's own persisted
datasource_id(and type). A payload that points at adifferent datasource is rejected with a 400 rather than being stored as-is.
Payloads that don't carry a parseable
datasourceare unchanged — at executiontime they already fall back to the chart's own datasource — so there's no
behavior change for the normal save flow.
It's a small, well-scoped robustness check on the chart update path so a
chart's stored query context can't drift away from the chart's actual
datasource.
TESTING INSTRUCTIONS
Unit tests added in
tests/unit_tests/commands/chart/update_test.py:(
ChartInvalidError→ 400), including the id-as-string casealone (no false positives)
ADDITIONAL INFORMATION
🤖 Generated with Claude Code