fix: Only fetch actions available to an entity during schema validation #1095
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
![ellipsis-dev[bot]](https://avatars.githubusercontent.com/in/64358?s=60&v=4){kind=small}
There was a problem hiding this comment.
👍 Looks good to me! Reviewed everything up to 9fe5466 in 15 seconds
More details
- Looked at
39lines of code in1files - Skipped
0files when reviewing. - Skipped posting
1drafted comments based on config settings.
1. python/composio/tools/toolset.py:435
- Draft comment:
Consider refreshing_connected_accountsto ensure it reflects the latest state, especially after filtering byentity_id. This prevents potential issues with stale data. - Reason this comment was not posted:
Comment did not seem useful.
Workflow ID: wflow_El7CN0bfStJNmb7r
You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.
| @@ -416,7 +416,7 @@ def add_auth( | |||
| parameters=parameters, | |||
| ) | |||
|
|
|||
| def check_connected_account(self, action: ActionType) -> None: | |||
| def check_connected_account(self, action: ActionType, entity_id: str) -> None: | |||
There was a problem hiding this comment.
The docstring should be updated to include the new entity_id parameter and its purpose. Consider adding:
"""
Args:
action (ActionType): The action to check authorization for
entity_id (str): The ID of the entity to check connected accounts for
"""| @@ -435,6 +435,7 @@ def check_connected_account(self, action: ActionType) -> None: | |||
| # Normalize app names/ids coming from API | |||
| connection.appUniqueId.upper() | |||
| for connection in self._connected_accounts | |||
| if connection.entityId == entity_id | |||
| ]: | |||
| raise ComposioSDKError( | |||
| f"No connected account found for app `{action.app}`; " | |||
There was a problem hiding this comment.
Consider enhancing the error message to include the entity ID for better debugging:
f"No connected account found for app `{action.app}` on entity `{entity_id}`; Run `composio add {action.app.lower()}` to fix this"
Code Review SummaryThe changes look good overall and improve security by adding entity-specific validation for connected accounts. Here's a brief assessment: Strengths:✅ Proper entity-specific validation of connected accounts Suggestions for Improvement:
Code Quality: 8/10The core changes are solid and improve security, with minor documentation improvements needed. The PR is ready to merge after addressing the documentation suggestions. |
There was a problem hiding this comment.
👍 Looks good to me! Incremental review on 3fda8b6 in 41 seconds
More details
- Looked at
38lines of code in2files - Skipped
0files when reviewing. - Skipped posting
2drafted comments based on config settings.
1. python/composio/client/collections.py:94
- Draft comment:
Setting a default value forentityIdinConnectedAccountModelmight lead to unexpected behavior if not intended for all instances. Consider handling defaults explicitly where needed. - Reason this comment was not posted:
Decided after close inspection that this draft comment was likely wrong and/or not actionable:
The comment suggests being cautious about setting default values. However, looking at the code:
- This is a Pydantic model for connected accounts
- DEFAULT_ENTITY_ID appears to be a constant imported specifically for this purpose
- The change makes the field required with a default rather than optional
- This seems like an intentional design choice to ensure entityId is always set
- There's no evidence this would cause issues
I could be missing context about how this model is used in practice. The default value could potentially mask bugs where entityId should be explicitly set.
The change from optional to required with default appears intentional and follows good practices of being explicit. The imported constant suggests this is the intended behavior.
The comment should be deleted as it questions an intentional design choice without strong evidence of any actual issues.
2. python/composio/tools/toolset.py:902
- Draft comment:
The addition ofentity_idparameter incheck_connected_accountensures entity-specific validation, aligning with the PR description. No issues here. - Reason this comment was not posted:
Confidence changes required:0%
The change in line 902 oftoolset.pypassesself.entity_idtocheck_connected_account. This is consistent with the PR description and ensures entity-specific validation. No issues here.
Workflow ID: wflow_xQvcvs5N0cFcfR7T
You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.
There was a problem hiding this comment.
❌ Changes requested. Incremental review on e71c298 in 39 seconds
More details
- Looked at
37lines of code in1files - Skipped
0files when reviewing. - Skipped posting
0drafted comments based on config settings.
Workflow ID: wflow_186vXRU5cQwnmntH
Want Ellipsis to fix these issues? Tag @ellipsis-dev in a comment. You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.
| @@ -224,10 +226,11 @@ def test_example( | |||
| # Wait for 2 minutes for example to run | |||
| proc.wait(timeout=180) | |||
|
|
|||
| filepath.write_text(original_source, encoding="utf-8") | |||
There was a problem hiding this comment.
Consider using a finally block to ensure filepath.write_text(original_source, encoding="utf-8") is executed even if an exception occurs during the test execution.
Important
Add
entity_idtocheck_connected_accountfor entity-specific validation intoolset.pyand set default inConnectedAccountModel.entity_idparameter tocheck_connected_accountintoolset.pyfor entity-specific action validation._execute_remoteandget_action_schemasintoolset.pyto useentity_id.entityIdtoDEFAULT_ENTITY_IDinConnectedAccountModelincollections.py.test_example.pyto restore original file content after test execution.This description was created by
for e71c298. It will automatically update as commits are pushed.