jedcunningham commented on a change in pull request #15311:
URL: https://github.com/apache/airflow/pull/15311#discussion_r613471571
##########
File path: airflow/www/security.py
##########
@@ -516,24 +515,25 @@ def _get_all_roles_with_permissions(self) -> Dict[str,
Role]:
def create_dag_specific_permissions(self) -> None:
"""
- Creates 'can_read' and 'can_edit' permissions for all active and
paused DAGs.
+ Creates 'can_read' and 'can_edit' permissions for all active and
paused DAGs,
+ along with any `access_control` permissions provided in the DAG.
:return: None.
"""
perms = self.get_all_permissions()
- rows = (
- self.get_session.query(models.DagModel.dag_id)
- .filter(or_(models.DagModel.is_active, models.DagModel.is_paused))
- .all()
- )
+ dagbag = DagBag(read_dags_from_db=True)
+ dagbag.collect_dags_from_db()
Review comment:
The sync-perms cli with the `include_dags` flag set, that's it.
Previously we had this method, used during webserver startup, and the
sync-perms cli with used a different approach and also supported
access_control. I'm simply moving the more complete version (sync-perms cli
with short circuit added) into the security manager.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
