This is an automated email from the ASF dual-hosted git repository.
uranusjr pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/main by this push:
new 9c2eb9d Remove deprecated usage of init_role() from API (#18820)
9c2eb9d is described below
commit 9c2eb9d0b1ee555f74da70f0e666706aebb3ab27
Author: Tzu-ping Chung <[email protected]>
AuthorDate: Tue Oct 12 09:14:07 2021 +0800
Remove deprecated usage of init_role() from API (#18820)
---
.../endpoints/role_and_permission_endpoint.py | 11 ++++++-----
airflow/api_connexion/openapi/v1.yaml | 1 +
.../endpoints/test_role_and_permission_endpoint.py | 21 +++++++++++++++++++++
3 files changed, 28 insertions(+), 5 deletions(-)
diff --git a/airflow/api_connexion/endpoints/role_and_permission_endpoint.py
b/airflow/api_connexion/endpoints/role_and_permission_endpoint.py
index 55f7b38..6bee465 100644
--- a/airflow/api_connexion/endpoints/role_and_permission_endpoint.py
+++ b/airflow/api_connexion/endpoints/role_and_permission_endpoint.py
@@ -119,14 +119,15 @@ def patch_role(role_name, update_mask=None):
else:
raise BadRequest(detail=f"'{field}' in update_mask is unknown")
data = data_
- perms = data.get("permissions", [])
- if perms:
+ if "permissions" in data:
perms = [
- (item['permission']['name'], item['view_menu']['name']) for item
in data['permissions'] if item
+ (item["permission"]["name"], item["view_menu"]["name"]) for item
in data["permissions"] if item
]
_check_action_and_resource(security_manager, perms)
- security_manager.update_role(role_id=role.id, name=data['name'])
- security_manager.init_role(role_name=data['name'], perms=perms or
role.permissions)
+ security_manager.bulk_sync_roles([{"role": role_name, "perms": perms}])
+ new_name = data.get("name")
+ if new_name is not None and new_name != role.name:
+ security_manager.update_role(role_id=role.id, name=new_name)
return role_schema.dump(role)
diff --git a/airflow/api_connexion/openapi/v1.yaml
b/airflow/api_connexion/openapi/v1.yaml
index a663e82..0c87b96 100644
--- a/airflow/api_connexion/openapi/v1.yaml
+++ b/airflow/api_connexion/openapi/v1.yaml
@@ -2694,6 +2694,7 @@ components:
name:
type: string
description: The name of the role
+ minLength: 1
actions:
type: array
items:
diff --git a/tests/api_connexion/endpoints/test_role_and_permission_endpoint.py
b/tests/api_connexion/endpoints/test_role_and_permission_endpoint.py
index 0d41c92..54ccf7f 100644
--- a/tests/api_connexion/endpoints/test_role_and_permission_endpoint.py
+++ b/tests/api_connexion/endpoints/test_role_and_permission_endpoint.py
@@ -355,6 +355,27 @@ class TestPatchRole(TestRoleEndpoint):
assert response.json['name'] == expected_name
assert response.json["actions"] == expected_actions
+ def test_patch_should_update_correct_roles_permissions(self):
+ create_role(self.app, "role_to_change")
+ create_role(self.app, "already_exists")
+
+ response = self.client.patch(
+ "/api/v1/roles/role_to_change",
+ json={
+ "name": "already_exists",
+ "actions": [{"action": {"name": "can_delete"}, "resource":
{"name": "XComs"}}],
+ },
+ environ_overrides={"REMOTE_USER": "test"},
+ )
+ assert response.status_code == 200
+
+ updated_permissions =
self.app.appbuilder.sm.find_role("role_to_change").permissions
+ assert len(updated_permissions) == 1
+ assert updated_permissions[0].view_menu.name == "XComs"
+ assert updated_permissions[0].permission.name == "can_delete"
+
+ assert
len(self.app.appbuilder.sm.find_role("already_exists").permissions) == 0
+
@parameterized.expand(
[
(
