aminghadersohi commented on PR #40343: URL: https://github.com/apache/superset/pull/40343#issuecomment-4567315483
Applied Richard's latest round of review feedback from #40344 and #40348 — cross-applicable patterns updated here. **Applied:** - **`excluded_field_names=frozenset()` for theme `json_data`** (pattern from #40344 latest): Richard noted that `_sanitize_log_json()` using the default exclusion set lets values under keys like `url`, `uuid`, or `schema` slip through as escaped-but-unwrapped text. The same risk applies to `ThemeInfo.json_data`, which is a fully user-controlled design-token blob. Passing `excluded_field_names=frozenset()` to `sanitize_for_llm_context()` ensures every string leaf in `json_data` is wrapped in `<UNTRUSTED-CONTENT>` delimiters regardless of key name. **Not applied (noted for follow-up):** - **`get_schema` permission gap** (pattern from #40348): Richard flagged that `get_schema` is registered with `class_permission_name="Dataset"`, so users with CSS template/theme read permission but not Dataset permission can't call `get_schema(model_type="css_template")`. This was a pre-existing architectural limitation before this PR added the new model types. A proper fix requires dynamic per-model-type permission routing — leaving this as a tracked follow-up rather than doing it piecemeal here. - **dttm filter normalization, action log feature guards, task framework feature flag** — action-log / task-specific patterns, no applicable counterpart in css_template or theme tools. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
