Re: [PR] fix(Database Connection Form): Added validation to db credential input [superset]

[via GitHub]

codeant-ai-for-open-source[bot] commented on code in PR #37919:
URL: https://github.com/apache/superset/pull/37919#discussion_r2796265674


##########
superset-frontend/src/features/databases/DatabaseModal/DatabaseConnectionForm/EncryptedField.tsx:
##########
@@ -113,22 +120,27 @@ export const EncryptedField = ({
       {uploadOption === CredentialInfoOptions.CopyPaste ||
       isEditMode ||
       editNewDb ? (
-        <div className="input-container">
-          <FormLabel>{t('Service Account')}</FormLabel>
-          <Input.TextArea
-            className="input-form"
-            name={encryptedField}
-            value={
-              typeof encryptedValue === 'boolean'
-                ? String(encryptedValue)
-                : encryptedValue
-            }
-            onChange={changeMethods.onParametersChange}
-            placeholder={t(
-              'Paste content of service credentials JSON file here',
-            )}
-          />
-        </div>
+        <ValidatedInput
+          id={encryptedField}
+          name={encryptedField}
+          required={false}
+          isValidating={isValidating}
+          value={
+            typeof encryptedValue === 'boolean'
+              ? String(encryptedValue)
+              : encryptedValue
+          }
+          validationMethods={{ onBlur: getValidation }}
+          errorMessage={validationErrors?.query}

Review Comment:
   **Suggestion:** The error message for the credentials textarea is hardcoded 
to use the `query` validation error, so any validation errors associated with 
the encrypted credentials field will never be shown; instead, you should use 
the same key (`encryptedField`) that you use when updating parameters so that 
the error displayed corresponds to this field. [logic error]
   
   <details>
   <summary><b>Severity Level:</b> Major ⚠️</summary>
   
   ```mdx
   - ⚠️ Service credentials validation errors not displayed in connection modal.
   - ⚠️ Users see failing validation without field-level error context.
   - ⚠️ Troubleshooting invalid BigQuery/GSheets credentials becomes harder.
   ```
   </details>
   
   ```suggestion
             errorMessage={
               encryptedField ? validationErrors?.[encryptedField] : null
             }
   ```
   <details>
   <summary><b>Steps of Reproduction ✅ </b></summary>
   
   ```mdx
   1. Open the database connection modal for a BigQuery or GSheets database, 
which renders
   `EncryptedField` from
   
`superset-frontend/src/features/databases/DatabaseModal/DatabaseConnectionForm/EncryptedField.tsx`.
   
   2. Ensure the engine sets `encryptedField` (map in `EncryptedField` at lines 
~38–48, e.g.
   `bigquery: 'credentials_info'` or `gsheets: 'service_account_info'`).
   
   3. Enter invalid or incomplete service credentials (either via copy-paste 
textarea or JSON
   upload) so that `EncryptedField` calls `getValidation()` (onBlur for 
`ValidatedInput`, or
   after file upload at lines 167–181).
   
   4. When validation populates `validationErrors` keyed by the credentials 
field name (e.g.
   `validationErrors.credentials_info`), `EncryptedField` still reads only
   `validationErrors?.query` (line 134), so the `ValidatedInput` `errorMessage` 
prop remains
   undefined and no error is shown for this field despite the presence of a 
validation error.
   ```
   </details>
   <details>
   <summary><b>Prompt for AI Agent 🤖 </b></summary>
   
   ```mdx
   This is a comment left during a code review.
   
   **Path:** 
superset-frontend/src/features/databases/DatabaseModal/DatabaseConnectionForm/EncryptedField.tsx
   **Line:** 134:134
   **Comment:**
        *Logic Error: The error message for the credentials textarea is 
hardcoded to use the `query` validation error, so any validation errors 
associated with the encrypted credentials field will never be shown; instead, 
you should use the same key (`encryptedField`) that you use when updating 
parameters so that the error displayed corresponds to this field.
   
   Validate the correctness of the flagged issue. If correct, How can I resolve 
this? If you propose a fix, implement it and please make it concise.
   ```
   </details>
   <a 
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F37919&comment_hash=01a0aac1218309b8f90c73856b6009528ef1fb1c8da30920f1588433c798ed8b&reaction=like'>👍</a>
 | <a 
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F37919&comment_hash=01a0aac1218309b8f90c73856b6009528ef1fb1c8da30920f1588433c798ed8b&reaction=dislike'>👎</a>



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org
For additional commands, e-mail: notifications-h...@superset.apache.org