You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by ka...@apache.org on 2020/11/19 22:41:04 UTC
[airflow] 02/02: Sync FAB Permissions for all base views (#12162)
This is an automated email from the ASF dual-hosted git repository.
kaxilnaik pushed a commit to branch v1-10-test
in repository https://gitbox.apache.org/repos/asf/airflow.git
commit ab9f9903d10c06f6be1b9d617aecd59c2a5e9f66
Author: Kaxil Naik <ka...@gmail.com>
AuthorDate: Sat Nov 7 17:32:53 2020 +0000
Sync FAB Permissions for all base views (#12162)
If a user has set `[webserver] update_fab_perms = False` and runs `airflow sync-perm` command to sync all permissions, they will receive the following error:
```
webserver_1 | [2020-11-07 15:13:07,431] {decorators.py:113} WARNING - Access is Denied for: can_index on: Airflow
```
and if the user was created before and some perms were sync'd a user won't be able to find Security Menu & Configurations View
---
airflow/bin/cli.py | 1 +
tests/core/test_core.py | 1 +
2 files changed, 2 insertions(+)
diff --git a/airflow/bin/cli.py b/airflow/bin/cli.py
index 1fb3b88..37f70c4 100644
--- a/airflow/bin/cli.py
+++ b/airflow/bin/cli.py
@@ -1863,6 +1863,7 @@ def sync_perm(args): # noqa
appbuilder = cached_appbuilder()
print('Updating permission, view-menu for all existing roles')
appbuilder.sm.sync_roles()
+ appbuilder.add_permissions(update_perms=True)
print('Updating permission on all DAG views')
dags = DagBag(store_serialized_dags=settings.STORE_SERIALIZED_DAGS).dags.values()
for dag in dags:
diff --git a/tests/core/test_core.py b/tests/core/test_core.py
index b229d53..06f2d0b 100644
--- a/tests/core/test_core.py
+++ b/tests/core/test_core.py
@@ -1127,6 +1127,7 @@ class CliTests(unittest.TestCase):
'no_access_control',
None,
)
+ self.appbuilder.add_permissions.assert_called_once_with(update_perms=True)
def expect_dagbag_contains(self, dags, dagbag_mock):
dagbag = mock.Mock()