You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/09/12 14:46:03 UTC

[jira] [Commented] (AIRFLOW-3048) (www_rbac) Non-Admin Roles' Access to Pages "Profile", "Edit User", and "Reset my password"

    [ https://issues.apache.org/jira/browse/AIRFLOW-3048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16612246#comment-16612246 ] 

ASF GitHub Bot commented on AIRFLOW-3048:
-----------------------------------------

XD-DENG opened a new pull request #3889: [AIRFLOW-3048] Add access to self-manage pages for non-Admin roles
URL: https://github.com/apache/incubator-airflow/pull/3889
 
 
   Make sure you have checked _all_ steps below.
   
   ### Jira
   
   - [x] My PR addresses the following [Airflow Jira](https://issues.apache.org/jira/browse/AIRFLOW/) issues and references them in the PR title. For example, "\[AIRFLOW-XXX\] My Airflow PR"
     - https://issues.apache.org/jira/browse/AIRFLOW-3048
     - In case you are fixing a typo in the documentation you can prepend your commit with \[AIRFLOW-XXX\], code changes always need a Jira issue.
   
   ### Description
   
   - [x] Here are some details about my PR, including screenshots of any UI changes:
   
   In the **www_rbac** app, at the top right corner, users can click to access "**Profile**" page, and in that page users are able to check their own profile, and further, they can change their own profile via **Edit User** (last and first name) and reset their OWN password ("**Reset my password**").
   
   **_However, in the current version (both 1.10 and master branch), the default role-view-permission only allows Admin roles to access this page._**
   
   Of course the Admin user can add access to these pages for other roles, but it should not be the case actually (it should be there by default. All users should be able to access their own profile and change their own profile as well as password).
   
   **Screenshot-1**
   <img width="1679" alt="attachment 1" src="https://user-images.githubusercontent.com/11539188/45432772-3d767080-b6dd-11e8-85d8-027de9e0e910.png">
   
   **Screenshot-2**
   <img width="1680" alt="attachment 2" src="https://user-images.githubusercontent.com/11539188/45432778-40716100-b6dd-11e8-9736-8bfde65b71c1.png">
   
   
   ### Tests
   
   - [ ] My PR adds the following unit tests __OR__ does not need testing for this extremely good reason:
   
   ### Commits
   
   - [x] My commits all reference Jira issues in their subject lines, and I have squashed multiple commits if they address the same issue. In addition, my commits follow the guidelines from "[How to write a good git commit message](http://chris.beams.io/posts/git-commit/)":
     1. Subject is separated from body by a blank line
     1. Subject is limited to 50 characters (not including Jira issue reference)
     1. Subject does not end with a period
     1. Subject uses the imperative mood ("add", not "adding")
     1. Body wraps at 72 characters
     1. Body explains "what" and "why", not "how"
   
   ### Documentation
   
   - [ ] In case of new functionality, my PR adds documentation that describes how to use it.
     - When adding new operators/hooks/sensors, the autoclass documentation generation needs to be added.
   
   ### Code Quality
   
   - [x] Passes `git diff upstream/master -u -- "*.py" | flake8 --diff`
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> (www_rbac) Non-Admin Roles' Access to Pages "Profile", "Edit User", and "Reset my password"
> -------------------------------------------------------------------------------------------
>
>                 Key: AIRFLOW-3048
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-3048
>             Project: Apache Airflow
>          Issue Type: Improvement
>          Components: webapp
>    Affects Versions: 1.10.0
>            Reporter: Xiaodong DENG
>            Assignee: Xiaodong DENG
>            Priority: Minor
>         Attachments: attachment 1.png, attachment 2.png
>
>
> In the *www_rbac* app, at the top right corner, users can click to access "_*Profile*_" page, and in that page users are able to check their own profile, and further, they can change their own profile via _*Edit User*_ (last and first name) and reset their OWN password ("*Reset my password*").
> However, in the current version (both 1.10 and master branch), the *default* role-view-permission only allows Admin roles to access this page.
> Of course the Admin user can add access to these pages for other roles, but it should not be the case actually (it should be there by default).
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)