feat: support for import/export masked_encrypted_extra (frontend)#38078
Conversation
|
Bito Automatic Review Skipped - Branch Excluded |
Sequence DiagramShows how the frontend collects masked_encrypted_extra secrets during import and sends them to the import API, and the alternate path where the API requests missing encrypted fields which the frontend then renders for the user to fill. sequenceDiagram
participant User
participant Frontend as "Import / Database Modal"
participant Hook as "useImportResource"
participant API as "Superset Import API"
User->>Frontend: Select import bundle + enter encrypted_extra secrets
Frontend->>Hook: onUpload/onDbImport(bundle, ..., encryptedExtraSecrets)
Hook->>API: POST /api/v1/<resource>/import/ (formData includes encrypted_extra_secrets)
alt API accepts secrets (success)
API-->>Hook: 200 OK (import succeeded)
Hook-->>Frontend: update state (clear needs), return success
Frontend-->>User: show success (toast / close modal)
else API needs encrypted fields (missing/secrets masked)
API-->>Hook: 400 validation error (masked_encrypted_extra messages)
Hook-->>Frontend: set encryptedExtraFieldsNeeded (file+paths+labels)
Frontend-->>User: render encrypted extra input fields for those files
end
Generated by CodeAnt AI |
✅ Deploy Preview for superset-docs-preview ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
Vitor-Avila
force-pushed
the
feat/masked-encrypted-extra-import-export-backend
branch
from
df23c4a to
c6258bb
Compare
|
Yes, extracting this type to a shared interface would be a good idea for maintainability. The type superset-frontend/src/views/CRUD/types.ts |
| return encryptedExtraFields.map(({ fileName, fields }) => ( | ||
| <div key={fileName}> | ||
| <StyledAlertMargin> | ||
| <Alert |
There was a problem hiding this comment.
Do we want to repeat that alert multiple times for each encryptedExtraField? Perhaps we should just display it once at the top?
There was a problem hiding this comment.
Synced with @kgabryje offline and we should be good here.
|
@Vitor-Avila wanna address comments and rebase? Happy to merge this. |
Vitor-Avila
force-pushed
the
feat/masked-encrypted-extra-import-export-frontend
branch
from
cd779ef to
dd207b5
Compare
codeant-ai-for-open-source
Bot
added
the
size:L
Sequence DiagramShows how the frontend prompts for masked encrypted extra fields during import, sends provided secrets to the backend, and completes the import. This captures the core user+UI+hook+API interactions added in this PR. sequenceDiagram
participant User
participant ImportModal as UI
participant Hook as useImportResource
participant Server as API
User->>UI: Upload import bundle
UI->>Hook: importResource(bundle, passwords..., encryptedExtraSecrets={})
Hook->>Server: POST /api/v1/<resource>/import (formData without encrypted_extra_secrets)
Server-->>Hook: 200 with validation error: masked_encrypted_extra fields needed
Hook-->>UI: set encryptedExtraFieldsNeeded (file + field paths/labels)
UI-->>User: Render inputs asking for encrypted extra secrets
User->>UI: Fill secrets and click Import
UI->>Hook: importResource(bundle, ..., encryptedExtraSecrets={file: {path: secret}})
Hook->>Server: POST /api/v1/<resource>/import (formData includes encrypted_extra_secrets)
Server-->>Hook: 200 OK (import success)
Hook-->>UI: clear needed flags, return success
UI-->>User: Show success toast
Generated by CodeAnt AI |
Code Review Agent Run #384f76Actionable Suggestions - 0Additional Suggestions - 2
Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help AI Code Review powered by |
Code Review Agent Run #0a8edeActionable Suggestions - 0Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help AI Code Review powered by |
Vitor-Avila
deleted the
feat/masked-encrypted-extra-import-export-frontend
branch
- development-setup.md: update Node.js prerequisite from v20 to v22 LTS (PR #37223 — project minimum Node version upgraded) - importing-exporting-datasources.mdx: document that masked_encrypted_extra (sensitive connection parameters like service account JSON) is now included in database import/export (PR #38078) - security.mdx: add note that get_samples() enforces datasource-level access control, closing prior gap where unprivileged users could fetch sample rows (PR #36550) - exploring-data.mdx: document natural language time range expressions including new "first of" expressions (first day/week of month/quarter/year) supported in the Custom time range picker (PR #37098) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
3 participants
User description
SUMMARY
This PR adds support for exporting/importing
masked_encrypted_extrainfo from DB connections. This is useful for:secure_extraStacked diffs implementation
The feature was split into 3 PRs:
#38075 can be merged now. Once it gets merged, #38077 can get merged as well (shouldn't impact the frontend) and this one can be merged last. As they get merged I'll update the PRs to point to
master.BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
Export demo
During the export, Superset checks if there's any diff between
encrypted_extraandmasked_encrypted_extra:masked_encrypted_extrawith fields properly masked.encrypted_extradirectly. Note that the import already supportsencrypted_extra(not part of this PR).Export.Flow.mov
Import demo
During the import, the modal prompts users to provide masked fields:
Import.Flow.mov
I also forced a test connection to prompt both for password and secure extra info:
ADDITIONAL INFORMATION
CodeAnt-AI Description
Support importing masked encrypted extra fields (frontend)
What Changed
Impact
✅ Clearer encrypted-field prompts during import✅ Fewer import failures due to missing masked secrets✅ Ability to import databases with masked secure extras💡 Usage Guide
Checking Your Pull Request
Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.
Talking to CodeAnt AI
Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:
This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.
Example
Preserve Org Learnings with CodeAnt
You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:
This helps CodeAnt AI learn and adapt to your team's coding style and standards.
Example
Retrigger review
Ask CodeAnt AI to review the PR again, by typing:
Check Your Repository Health
To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.