You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by "sreenusuuda (via GitHub)" <gi...@apache.org> on 2024/02/15 16:08:36 UTC

[I] Message we show when user lacks website permission but have other permissions is wrong. [airflow]

sreenusuuda opened a new issue, #37455:
URL: https://github.com/apache/airflow/issues/37455

   ### Apache Airflow version
   
   2.8.1
   
   ### If "Other Airflow 2 version" selected, which one?
   
   _No response_
   
   ### What happened?
   
   We are displaying "Your user has no roles and/ or permissions!" when user lacks with website permission but having other permissions. 
   
   ### What you think should happen instead?
   
   We should show proper message saying user lacks website permission.
   
   ### How to reproduce
   
   1. Remove can read website permission from the list of permissions.
   2. Try to login to Airflow website. 
   
   ### Operating System
   
   mac os
   
   ### Versions of Apache Airflow Providers
   
   _No response_
   
   ### Deployment
   
   Docker-Compose
   
   ### Deployment details
   
   _No response_
   
   ### Anything else?
   
   _No response_
   
   ### Are you willing to submit PR?
   
   - [ ] Yes I am willing to submit a PR!
   
   ### Code of Conduct
   
   - [X] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [I] Message we show when user lacks website permission but have other permissions is wrong. [airflow]

Posted by "potiuk (via GitHub)" <gi...@apache.org>.

potiuk commented on issue #37455:
URL: https://github.com/apache/airflow/issues/37455#issuecomment-1961659194

   Similarly as in case of the other issue. Revealing more security information to someone who tries to get access to resources and does not have them is considered a bad security practice and we deliberately reveal absolute minimum. Deployment Manager has the possibility and can in this case look at the logs and find out details there.
   
   This is all deliberate, secure and there are no plans to change it.,


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [I] Message we show when user lacks website permission but have other permissions is wrong. [airflow]

Posted by "jscheffl (via GitHub)" <gi...@apache.org>.

jscheffl commented on issue #37455:
URL: https://github.com/apache/airflow/issues/37455#issuecomment-1955204604

   To use the Web UI in general some basic permissions are needed. On top of basic permissions most actions/verbs have specific permissions being assigned e.g. to view DAGs, change state or even have admin privileges.
   
   Yes and w/o the basic access permissions UI is probably not usable, but if other functions are permitted then API might be used.
   
   Is this a real functional problem for you or are you missing documentation about all permission settings available in UI? I'd rather call this a feature not a bug.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [I] Message we show when user lacks website permission but have other permissions is wrong. [airflow]

Posted by "potiuk (via GitHub)" <gi...@apache.org>.

potiuk closed issue #37455: Message we show when user lacks website permission but have other permissions is wrong. 
URL: https://github.com/apache/airflow/issues/37455


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [I] Message we show when user lacks website permission but have other permissions is wrong. [airflow]

Posted by "sreenusuuda (via GitHub)" <gi...@apache.org>.

sreenusuuda commented on issue #37455:
URL: https://github.com/apache/airflow/issues/37455#issuecomment-1961338076

   The current message states, 'Your user has no roles and/or permissions!', implying that the user doesn't have any role or permission assigned, even though they may have other permissions except for the website. Instead, displaying a message like 'User lacks website permission' would provide clearer information.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org