[GitHub] [airflow] kaxil commented on a change in pull request #15464: Skip DAG perm sync during parsing if possible

Wed, 21 Apr 2021 11:39:00 -0700 


kaxil commented on a change in pull request #15464:
URL: https://github.com/apache/airflow/pull/15464#discussion_r617790480



##########
File path: airflow/models/dagbag.py
##########
@@ -545,11 +545,30 @@ def _serialize_dag_capturing_errors(dag, session):
                     session=session,
                 )
                 if dag_was_updated:
-                    self.log.debug("Syncing DAG permissions: %s to the DB", 
dag.dag_id)
-                    from airflow.www.security import 
ApplessAirflowSecurityManager
-
-                    security_manager = 
ApplessAirflowSecurityManager(session=session)
-                    security_manager.sync_perm_for_dag(dag.dag_id, 
dag.access_control)
+                    from flask_appbuilder.security.sqla import models as 
sqla_models
+
+                    from airflow.security.permissions import DAG_PERMS, 
prefixed_dag_id
+
+                    def needs_perm_views(dag_id: str) -> bool:
+                        view_menu_name = prefixed_dag_id(dag_id)
+                        for permission_name in DAG_PERMS:
+                            if not (
+                                session.query(sqla_models.PermissionView)
+                                .join(sqla_models.Permission)
+                                .join(sqla_models.ViewMenu)
+                                .filter(sqla_models.Permission.name == 
permission_name)
+                                .filter(sqla_models.ViewMenu.name == 
view_menu_name)
+                                .one_or_none()
+                            ):
+                                return True
+                        return False
+
+                    if dag.access_control or needs_perm_views(dag.dag_id):
+                        self.log.debug("Syncing DAG permissions: %s to the 
DB", dag.dag_id)
+                        from airflow.www.security import 
ApplessAirflowSecurityManager
+
+                        security_manager = 
ApplessAirflowSecurityManager(session=session)
+                        security_manager.sync_perm_for_dag(dag.dag_id, 
dag.access_control)

Review comment:
       Can we separate this code block to a separate internal method too -- 
will be easier and test just that block in isolation too




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to