mirror of
https://github.com/apache/superset.git
synced 2026-05-22 08:15:36 +00:00
10f71bdcd5
Copilot flagged two stragglers on editors.md where the previous file-by-file conversion stopped halfway. Sweeping for the same pattern across the active content tree found 76 bare relative internal links total — 14 in this PR's already-modified files (Copilot's two plus twelve more) and 62 in unchanged files. Why the build doesn't catch this ───────────────────────────────── `onBrokenLinks: 'throw'` (set in this PR) only validates *file-based* markdown references — links whose URL ends in `.md` / `.mdx`. Those go through Docusaurus's file resolver, which can prove the target exists. Bare relative URL paths like `[Foo](../foo)` skip that resolver entirely; Docusaurus emits them as raw hrefs. The browser then resolves them against the *current* page URL, and for trailing-slash routes that almost always lands in the wrong directory. Page navigates client-side and 404s. The linkinator job in CI *can* catch these, but it's `continue-on-error: true` so findings are advisory. What this commit does ────────────────────── 1. Fix all 76 bare relative internal links across the active docs tree by appending `.md` to each one (preserving anchors / query strings). All 76 targets resolved to real files; no link targets changed, only the form of the reference. 2. Fix the component-page generator. 54 of the 76 bare links lived in two auto-generated index files (`components/ui/index.mdx` and `components/design-system/index.mdx`). The next regeneration would have undone the manual fixes without this. The two emission sites in `generate-superset-components.mjs` now emit `.md`-suffixed links; comment at the call site explains why. 3. Add `docs/scripts/lint-docs-links.mjs` — fast source-level linter that scans `.md`/`.mdx` files under the active content trees (skipping `versioned_docs/` snapshots) and fails if it finds any markdown link whose URL starts with `./` or `../` and does not end in `.md`/`.mdx`. Excludes asset paths (.png, .json, etc.) and ignores fenced code blocks. Wired up as `yarn lint:docs-links`. 4. Add a `Lint docs links` step to `superset-docs-verify.yml`, running before the build step so PRs that introduce the pattern fail in seconds rather than at build-time / not at all. Blocking, not advisory — exactly the gap linkinator's `continue-on-error` leaves open. Verified ──────── - `yarn lint:docs-links` exits 0 on the cleaned tree - Re-introducing one bare link makes the linter report the exact file:line with the offending URL, exit code 1 - All 76 originally-flagged targets resolved to real `.md` / `.mdx` files; only the form of the reference changed
8.7 KiB
8.7 KiB
title, sidebar_position
| title | sidebar_position |
|---|---|
| Overview | 1 |
Backend Style Guidelines
This is a list of statements that describe how we do backend development in Superset. While they might not be 100% true for all files in the repo, they represent the gold standard we strive towards for backend quality and style.
- We use a monolithic Python/Flask/Flask-AppBuilder backend, with small single-responsibility satellite services where necessary.
- Files are generally organized by feature or object type. Within each domain, we can have api controllers, models, schemas, commands, and data access objects (DAO).
- API controllers use Marshmallow Schemas to serialize/deserialize data.
- Authentication and authorization are controlled by the security manager.
- We use Pytest for unit and integration tests. These live in the
testsdirectory. - We add tests for every new piece of functionality added to the backend.
- We use pytest fixtures to share setup between tests.
- We use SQLAlchemy to access both Superset's application database, and users' analytics databases.
- We make changes backwards compatible whenever possible.
- If a change cannot be made backwards compatible, it goes into a major release.
- See: Proposal For Semantic Versioning
- We use Swagger for API documentation, with docs written inline on the API endpoint code.
- We prefer thin ORM models, putting shared functionality in other utilities.
- Several linters/checkers are used to maintain consistent code style and type safety: pylint, mypy, black, isort.
__init__.pyfiles are kept empty to avoid implicit dependencies.
Code Organization
Domain-Driven Structure
Organize code by business domain rather than technical layers:
superset/
├── dashboards/
│ ├── api.py # API endpoints
│ ├── commands/ # Business logic
│ ├── dao.py # Data access layer
│ ├── models.py # Database models
│ └── schemas.py # Serialization schemas
├── charts/
│ ├── api.py
│ ├── commands/
│ ├── dao.py
│ ├── models.py
│ └── schemas.py
API Controllers
Use Flask-AppBuilder with Marshmallow schemas:
from flask_appbuilder.api import BaseApi
from marshmallow import Schema, fields
class DashboardSchema(Schema):
id = fields.Integer()
dashboard_title = fields.String(required=True)
created_on = fields.DateTime(dump_only=True)
class DashboardApi(BaseApi):
resource_name = "dashboard"
openapi_spec_tag = "Dashboards"
@expose("/", methods=["GET"])
@protect()
@safe
def get_list(self) -> Response:
"""Get a list of dashboards"""
# Implementation
Commands Pattern
Use commands for business logic:
from typing import Optional
from superset.commands.base import BaseCommand
from superset.dashboards.dao import DashboardDAO
class CreateDashboardCommand(BaseCommand):
def __init__(self, properties: Dict[str, Any]):
self._properties = properties
def run(self) -> Dashboard:
self.validate()
return DashboardDAO.create(self._properties)
def validate(self) -> None:
if not self._properties.get("dashboard_title"):
raise ValidationError("Title is required")
Data Access Objects (DAOs)
See: DAO Style Guidelines and Best Practices
Testing
Unit Tests
import pytest
from unittest.mock import patch
from superset.dashboards.commands.create import CreateDashboardCommand
def test_create_dashboard_success():
properties = {
"dashboard_title": "Test Dashboard",
"owners": [1]
}
command = CreateDashboardCommand(properties)
dashboard = command.run()
assert dashboard.dashboard_title == "Test Dashboard"
def test_create_dashboard_validation_error():
properties = {} # Missing required title
command = CreateDashboardCommand(properties)
with pytest.raises(ValidationError):
command.run()
Integration Tests
import pytest
from superset.app import create_app
from superset.extensions import db
@pytest.fixture
def app():
app = create_app()
app.config["TESTING"] = True
with app.app_context():
db.create_all()
yield app
db.drop_all()
def test_dashboard_api_create(app, auth_headers):
with app.test_client() as client:
response = client.post(
"/api/v1/dashboard/",
json={"dashboard_title": "Test Dashboard"},
headers=auth_headers
)
assert response.status_code == 201
Security
Authorization Decorators
from flask_appbuilder.security.decorators import has_access
class DashboardApi(BaseApi):
@expose("/", methods=["POST"])
@protect()
@has_access("can_write", "Dashboard")
def post(self) -> Response:
"""Create a new dashboard"""
# Implementation
Input Validation
from marshmallow import Schema, fields, validate
class DashboardSchema(Schema):
dashboard_title = fields.String(
required=True,
validate=validate.Length(min=1, max=500)
)
slug = fields.String(
validate=validate.Regexp(r'^[a-z0-9-]+$')
)
Database Operations
Use SQLAlchemy ORM
from sqlalchemy import Column, Integer, String, Text
from superset.models.helpers import AuditMixinNullable
class Dashboard(Model, AuditMixinNullable):
__tablename__ = "dashboards"
id = Column(Integer, primary_key=True)
dashboard_title = Column(String(500))
position_json = Column(Text)
def __repr__(self) -> str:
return f"<Dashboard {self.dashboard_title}>"
Database Migrations
# migration file
def upgrade():
op.add_column(
"dashboards",
sa.Column("new_column", sa.String(255), nullable=True)
)
def downgrade():
op.drop_column("dashboards", "new_column")
Error Handling
Custom Exceptions
class SupersetException(Exception):
"""Base exception for Superset"""
pass
class ValidationError(SupersetException):
"""Raised when validation fails"""
pass
class SecurityException(SupersetException):
"""Raised when security check fails"""
pass
Error Responses
from flask import jsonify
from werkzeug.exceptions import BadRequest
@app.errorhandler(ValidationError)
def handle_validation_error(error):
return jsonify({
"message": str(error),
"error_type": "VALIDATION_ERROR"
}), 400
Type Hints and Documentation
Use Type Hints
from typing import List, Optional, Dict, Any
from superset.models.dashboard import Dashboard
def get_dashboards_by_owner(owner_id: int) -> List[Dashboard]:
"""Get all dashboards owned by a specific user"""
return db.session.query(Dashboard).filter_by(owner_id=owner_id).all()
def create_dashboard(properties: Dict[str, Any]) -> Optional[Dashboard]:
"""Create a new dashboard with the given properties"""
# Implementation
API Documentation
from flask_appbuilder.api import BaseApi
from flask_appbuilder.api.schemas import get_list_schema
class DashboardApi(BaseApi):
@expose("/", methods=["GET"])
@protect()
@safe
def get_list(self) -> Response:
"""Get a list of dashboards
---
get:
description: >-
Get a list of dashboards
parameters:
- in: query
schema:
type: integer
name: page_size
description: Number of results per page
responses:
200:
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/DashboardListResponse'
"""
# Implementation