[GitHub] astahlman commented on a change in pull request #4658: [WIP] [AIRFLOW-3813] Add CLI commands to manage roles

Wed, 06 Feb 2019 13:58:36 -0800 

astahlman commented on a change in pull request #4658: [WIP] [AIRFLOW-3813] Add 
CLI commands to manage roles
URL: https://github.com/apache/airflow/pull/4658#discussion_r254468771
 
 

 ##########
 File path: airflow/www/security.py
 ##########
 @@ -195,6 +195,19 @@ def init_role(self, role_name, role_vms, role_perms):
         else:
             self.log.info('Existing permissions for the role:%s within the 
database will persist.', role_name)
 
+    def delete_role(self, role_name):
+        session = self.get_session
+        role = session.query(sqla_models.Role)\
+                      .filter(sqla_models.Role.name == role_name)\
+                      .first()
+        if role:
+            self.log.info("Deleting role '{}'".format(role_name))
+            session.delete(role)
 
 Review comment:
   Yeah, delete will cascade to the `ab_user_role` table, so it just deletes 
any entries associated with that role. Here's an example:
   
   ```
   $ airflow users -l | grep "jdoe+1"
   │    3 │ user1          │ [email protected] │ jon          │ doe1        │ 
[Admin, Op, Public] │
   
   $ airflow roles --delete Public
   [2019-02-06 13:56:24,911] {__init__.py:51} INFO - Using executor 
SequentialExecutor
   [2019-02-06 13:56:25,431] {__init__.py:298} INFO - Filling up the DagBag 
from /Users/andrewstahlman/airflow/dags
   [2019-02-06 13:56:25,638] {security.py:452} INFO - Start syncing user roles.
   [2019-02-06 13:56:25,684] {security.py:196} INFO - Existing permissions for 
the role:Viewer within the database will persist.
   [2019-02-06 13:56:25,729] {security.py:196} INFO - Existing permissions for 
the role:User within the database will persist.
   [2019-02-06 13:56:25,771] {security.py:196} INFO - Existing permissions for 
the role:Op within the database will persist.
   [2019-02-06 13:56:25,772] {security.py:365} INFO - Fetching a set of all 
permission, view_menu from FAB meta-table
   [2019-02-06 13:56:25,927] {security.py:316} INFO - Cleaning faulty perms
   [2019-02-06 13:56:25,934] {security.py:204} INFO - Deleting role 'Public'
   
   $ airflow users -l | grep "jdoe+1"
   │    3 │ user1          │ [email protected] │ jon          │ doe1        │ 
[Admin, Op] │
   ```

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


With regards,
Apache Git Services

Reply via email to