refactor(bulk_select): Fix bulk select tagging issues for users

[LevisNgigi]

fix(bulk_select): allow users to tag a saved query if using bulk select

SUMMARY

This PR addresses an issue where users were unable to tag objects despite having the necessary permissions. The changes ensure that the tagging functionality correctly validates user ownership or edit permissions and allows tagging where applicable. Additionally, it refines error handling to avoid unnecessary warnings while maintaining robust validation for invalid objects.

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

TESTING INSTRUCTIONS

1. Create a saved query
2. Go to saved query tab
3. Click bulk select
4. Select the created query
5. Click Add Tag
6. Add any tag
   Note that you'll need to have the feature flag TAGGING_SYSTEM enabled and create a tag in the Tags page (in Settings) first before going through the repro steps.

ADDITIONAL INFORMATION

• [ x] Has associated issue:Fixes Users can not tag a saved query if using bulk select  #27988
• Required feature flags:The TAGGING_SYSTEM flag must be enabled.
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

[korbit-ai]

Review by Korbit AI

Korbit automatically attempts to detect when you fix issues in new commits.

Category	Issue	Fix Detected
	Incomplete Error Notification for Skipped Items ▹ view
	Improve error handling for bulk tag creation API. ▹ view
	Generic Error Message in Catch Block ▹ view
	Improper handling of SupersetSecurityException. ▹ view
	Lost Error Context in Catch Block ▹ view

Suppressed issues based on your team's Korbit activity

​

This issue	Is similar to	Because
lines 101:102: The catch block silently swallows the SupersetSecurityException without logging the error details or context	Silent Exception Suppression	Similar issues were not addressed in the past

When you react to issues (for example, an upvote or downvote) or you fix them, Korbit will tune future reviews based on these signals.

Files scanned

​

File Path	Reviewed
superset-frontend/src/features/tags/BulkTagModal.tsx	✅
superset/commands/tag/create.py	✅

Explore our documentation to understand the languages and file types we support and the files we ignore.

Need a new review? Comment /korbit-review on this PR and I'll review your latest changes.

Korbit Guide: Usage and Customization

Interacting with Korbit

• You can manually ask Korbit to review your PR using the /korbit-review command in a comment at the root of your PR.
• You can ask Korbit to generate a new PR description using the /korbit-generate-pr-description command in any comment on your PR.
• Too many Korbit comments? I can resolve all my comment threads if you use the /korbit-resolve command in any comment on your PR.
• Chat with Korbit on issues we post by tagging @korbit-ai in your reply.
• Help train Korbit to improve your reviews by giving a 👍 or 👎 on the comments Korbit posts.

Customizing Korbit

• Check out our docs on how you can make Korbit work best for you and your team.
• Customize Korbit for your organization through the Korbit Console.

Current Korbit Configuration

General Settings

​

Setting	Value
Review Schedule	Automatic excluding drafts
Max Issue Count	10
Automatic PR Descriptions	❌

Issue Categories

​

Category	Enabled
Naming	✅
Database Operations	✅
Documentation	✅
Logging	✅
Error Handling	✅
Systems and Environment	✅
Objects and Data Structures	✅
Readability and Maintainability	✅
Asynchronous Processing	✅
Design Patterns	✅
Third-Party Libraries	✅
Performance	✅
Security	✅
Functionality	✅

Feedback and Support

• Tell us what you think of Korbit
• Schedule a call with our team
• Email us @ [email protected]

Note

Korbit Pro is free for open source projects 🎉

Looking to add Korbit to your team? Get started with a free 2 week trial here

[korbit-ai]

Improper handling of SupersetSecurityException.

Tell me more

​

The code is catching a SupersetSecurityException and simply adding the object to a skipped list without properly handling the exception. Ignoring security exceptions can potentially lead to unauthorized access. Consider logging the exception, notifying the user about the lack of access, and evaluating if execution should be halted in such cases. Skipping objects due to security exceptions should be done cautiously with proper logging.

Chat with Korbit by mentioning @korbit-ai, and give a 👍 or 👎 to help Korbit improve your reviews.

[codecov]

Codecov Report

Attention: Patch coverage is 58.33333% with 5 lines in your changes missing coverage. Please review.

Project coverage is 70.94%. Comparing base (76d897e) to head (b83a238).
Report is 1242 commits behind head on master.

Files with missing lines	Patch %	Lines
superset/commands/tag/create.py	58.33%	5 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           master   #31631       +/-   ##
===========================================
+ Coverage   60.48%   70.94%   +10.45%     
===========================================
  Files        1931     2002       +71     
  Lines       76236    81020     +4784     
  Branches     8568     9216      +648     
===========================================
+ Hits        46114    57481    +11367     
+ Misses      28017    21298     -6719     
- Partials     2105     2241      +136     

Flag	Coverage Δ
hive	48.76% <16.66%> (-0.41%)	⬇️
javascript	58.99% <ø> (+1.27%)	⬆️
mysql	76.50% <58.33%> (?)
postgres	76.56% <58.33%> (?)
presto	53.27% <16.66%> (-0.54%)	⬇️
python	83.74% <58.33%> (+20.25%)	⬆️
sqlite	76.02% <58.33%> (?)
unit	60.87% <58.33%> (+3.25%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.