751cc25327
## Summary
Two bugs in `agnes describe` surfaced from a real analyst session following the CLAUDE.md agent-rails discovery workflow. Together they break `agnes describe` end-to-end for any analyst (or analyst-AI) who follows the documented form.
### A) CLI parsing
`agnes describe TABLE -n 5` failed with `Missing argument 'TABLE_ID'`. Root cause: the command was registered as a `Typer.Typer` subcommand group via `app.add_typer(describe_app, name="describe")` + `@describe_app.callback(invoke_without_command=True)`, and that pattern mis-parses positional + short-int option in some orderings. Same pattern in `cli/commands/schema.py` works only because schema has no INTEGER short option. Fix: switch to flat `@app.command("describe")`.
### B) Server NaN
`/api/v2/sample/<id>` (called by `agnes describe`) returned HTTP 500 with `ValueError: Out of range float values are not JSON compliant: nan` whenever a row contained NaN. Fix: sanitize NaN/±inf to None before JSON serialization.
## Test plan
- [x] `pytest tests/test_cli_describe*.py` — added regression tests pinning `-n` parsing on either side of the positional.
- [x] `pytest tests/test_api_v2_sample*.py` — added regression test for NaN row → JSON `null` (not 500).
<!-- devin-review-badge-begin -->
---
<a href="https://app.devin.ai/review/keboola/agnes-the-ai-analyst/pull/224" target="_blank">
<picture>
<source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open in Devin Review">
</picture>
</a>
<!-- devin-review-badge-end -->
154 lines
6.1 KiB
Python
154 lines
6.1 KiB
Python
"""GET /api/v2/sample/{table_id}?n=5 — sample rows (spec §3.3)."""
|
|
|
|
from __future__ import annotations
|
|
import logging
|
|
import math
|
|
from fastapi import APIRouter, Depends, HTTPException, Query
|
|
import duckdb
|
|
|
|
from app.auth.dependencies import get_current_user, _get_db
|
|
from src.rbac import can_access_table
|
|
from src.repositories.table_registry import TableRegistryRepository
|
|
from app.api.v2_cache import TTLCache
|
|
from connectors.bigquery.access import BqAccess, BqAccessError, get_bq_access
|
|
|
|
logger = logging.getLogger(__name__)
|
|
router = APIRouter(prefix="/api/v2", tags=["v2"])
|
|
|
|
_sample_cache = TTLCache(maxsize=512, ttl_seconds=3600)
|
|
_MAX_N = 100
|
|
|
|
|
|
def _sanitize_for_json(obj):
|
|
"""Recursively replace NaN / ±inf floats with None so the response
|
|
survives JSON serialization. FastAPI's default encoder rejects these
|
|
(``ValueError: Out of range float values are not JSON compliant``)
|
|
even though Python's stdlib ``json`` accepts them by default. NaNs
|
|
show up routinely in DuckDB / BigQuery scans (NULL → NaN through the
|
|
pandas DataFrame round-trip), so the endpoint must sanitize at the
|
|
data-prep boundary rather than rely on the serializer."""
|
|
if isinstance(obj, float):
|
|
if math.isnan(obj) or math.isinf(obj):
|
|
return None
|
|
return obj
|
|
if isinstance(obj, list):
|
|
return [_sanitize_for_json(x) for x in obj]
|
|
if isinstance(obj, tuple):
|
|
return tuple(_sanitize_for_json(x) for x in obj)
|
|
if isinstance(obj, dict):
|
|
return {k: _sanitize_for_json(v) for k, v in obj.items()}
|
|
return obj
|
|
|
|
|
|
def _fetch_bq_sample(bq, dataset: str, table: str, n: int) -> list[dict]:
|
|
"""Fetch up to `n` sample rows from a BQ table via the DuckDB BQ extension.
|
|
|
|
`bq.duckdb_session()` provides a DuckDB conn with the bigquery extension
|
|
loaded + auth secret installed. SQL here is server-constructed (validated
|
|
identifiers + LIMIT n) — a BQ BadRequest means registry corruption, not
|
|
user fault, so it surfaces as `bq_upstream_error` (HTTP 502).
|
|
"""
|
|
from connectors.bigquery.access import translate_bq_error
|
|
from src.identifier_validation import validate_quoted_identifier
|
|
|
|
# Surface "BQ not configured" as the structured 500 BqAccessError(not_configured)
|
|
# with hint pointing at instance.yaml, NOT as the misleading 400 unsafe_identifier
|
|
# the empty-string sentinel BqAccess would otherwise trigger from
|
|
# validate_quoted_identifier below. Devin BUG_0002 on PR #138.
|
|
if not bq.projects.data:
|
|
bq.client() # raises BqAccessError(not_configured); endpoint catches it
|
|
|
|
# Defense in depth: registry already validates these, but the v2 API
|
|
# endpoints are downstream of admin REST writes that might bypass that
|
|
# gate. A `source_table` containing a backtick would otherwise break
|
|
# out of the `…` quoted identifier and execute arbitrary BQ SQL.
|
|
if not (validate_quoted_identifier(bq.projects.data, "BQ project")
|
|
and validate_quoted_identifier(dataset, "BQ dataset")
|
|
and validate_quoted_identifier(table, "BQ source_table")):
|
|
raise ValueError("unsafe BQ identifier in registry — refusing to query")
|
|
|
|
bq_sql = f"SELECT * FROM `{bq.projects.data}.{dataset}.{table}` LIMIT {int(n)}"
|
|
with bq.duckdb_session() as conn:
|
|
try:
|
|
df = conn.execute(
|
|
"SELECT * FROM bigquery_query(?, ?)",
|
|
[bq.projects.billing, bq_sql],
|
|
).fetchdf()
|
|
return df.to_dict(orient="records")
|
|
except Exception as e:
|
|
raise translate_bq_error(e, bq.projects, bad_request_status="upstream_error")
|
|
|
|
|
|
def build_sample(
|
|
conn: duckdb.DuckDBPyConnection,
|
|
user: dict,
|
|
table_id: str,
|
|
*,
|
|
n: int,
|
|
bq: BqAccess,
|
|
) -> dict:
|
|
n = max(1, min(int(n), _MAX_N))
|
|
|
|
# RBAC + existence check MUST run before cache lookup — otherwise an
|
|
# unauthorized user can read cached sample rows fetched by an authorized one.
|
|
repo = TableRegistryRepository(conn)
|
|
row = repo.get(table_id)
|
|
if not row:
|
|
raise FileNotFoundError(table_id)
|
|
|
|
if not can_access_table(user, table_id, conn):
|
|
raise PermissionError(table_id)
|
|
|
|
cache_key = f"{table_id}|{n}"
|
|
cached = _sample_cache.get(cache_key)
|
|
if cached is not None:
|
|
return cached
|
|
|
|
source_type = row.get("source_type") or ""
|
|
if source_type == "bigquery":
|
|
rows = _fetch_bq_sample(bq, row.get("bucket") or "", row.get("source_table") or table_id, n)
|
|
else:
|
|
from app.utils import get_data_dir
|
|
parquet = get_data_dir() / "extracts" / source_type / "data" / f"{table_id}.parquet"
|
|
c = duckdb.connect(":memory:")
|
|
try:
|
|
df = c.execute(
|
|
f"SELECT * FROM read_parquet(?) LIMIT {n}",
|
|
[str(parquet)],
|
|
).fetchdf()
|
|
rows = df.to_dict(orient="records")
|
|
finally:
|
|
c.close()
|
|
|
|
rows = _sanitize_for_json(rows)
|
|
payload = {"table_id": table_id, "rows": rows, "source": source_type}
|
|
_sample_cache.set(cache_key, payload)
|
|
return payload
|
|
|
|
|
|
@router.get("/sample/{table_id}")
|
|
def sample(
|
|
table_id: str,
|
|
n: int = Query(default=5, ge=1, le=_MAX_N),
|
|
user: dict = Depends(get_current_user),
|
|
conn: duckdb.DuckDBPyConnection = Depends(_get_db),
|
|
bq: BqAccess = Depends(get_bq_access),
|
|
):
|
|
# Plain ``def`` — opens a `bq.duckdb_session()` and runs sync queries
|
|
# through the BQ extension. See PR #188 Tier 1 entry.
|
|
try:
|
|
return build_sample(conn, user, table_id, n=n, bq=bq)
|
|
except FileNotFoundError:
|
|
raise HTTPException(status_code=404, detail=f"table {table_id!r} not found")
|
|
except PermissionError:
|
|
raise HTTPException(status_code=403, detail="not authorized for this table")
|
|
except ValueError as e:
|
|
raise HTTPException(
|
|
status_code=400,
|
|
detail={"error": "unsafe_identifier", "message": str(e), "details": {}},
|
|
)
|
|
except BqAccessError as e:
|
|
raise HTTPException(
|
|
status_code=BqAccessError.HTTP_STATUS.get(e.kind, 500),
|
|
detail={"error": e.kind, "message": e.message, "details": e.details},
|
|
)
|