jhtimmins commented on a change in pull request #13923:
URL: https://github.com/apache/airflow/pull/13923#discussion_r565554381
##########
File path: airflow/www/security.py
##########
@@ -441,14 +441,15 @@ def _merge_perm(self, permission_name, view_menu_name):
def add_homepage_access_to_custom_roles(self):
"""
- Add Website.can_read access to all roles.
+ Add Website.can_read access to all custom roles.
:return: None.
"""
website_permission = self.add_permission_view_menu(
permissions.ACTION_CAN_READ, permissions.RESOURCE_WEBSITE
)
- for role in self.get_all_roles():
+ custom_roles = [role for role in self.get_all_roles() if role.name not
in EXISTING_ROLES]
+ for role in custom_roles:
Review comment:
@kaxil All roles except for Public will get `Website.can_read`. This is
just only added to custom roles explicitly, since the default ones already have
it. So mostly I just wanted to not give Public that access.
Still think it's worth adding a test to make sure that isn't available to
Public?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
