You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2018/09/13 13:56:16 UTC
[GitHub] XD-DENG edited a comment on issue #3889: [AIRFLOW-3048] Add access
to self-manage pages for non-Admin roles
XD-DENG edited a comment on issue #3889: [AIRFLOW-3048] Add access to self-manage pages for non-Admin roles
URL: https://github.com/apache/incubator-airflow/pull/3889#issuecomment-421012245
Hi @feng-tao , I have made some changes. May you take another look and let me know if it's making sense to you and kindly give your inputs? *The CI would not pass given I haven't started to work on the tests. Will do that after we confirm on the fix solution itself*.
**Some elaborations**: as you mentioned, there are 5 authentication models in total,
- No matter which authentication model we use, users should always be able to have permission `can_userinfo`, so that they can access the `Profile` page.
- For another 4 authentication models (excluding DB authentication), users should NOT be able to edit their profile or reset password in Airflow interface (they're supposed to do that in the "main interface" of the corresponding authentication model). So, we ONLY add permissions `resetmypassword` and `userinfoedit` when view `UserDBModelView` is being used (i.e. DB authentication is being used).
So eventually, users would always be able to access `Profile` page, but only able to reset password for him/herself or change profile when DB authentication is being used.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services