pingu1m commented on code in PR #34317:
URL: https://github.com/apache/airflow/pull/34317#discussion_r1337848638
##########
airflow/api_connexion/endpoints/xcom_endpoint.py:
##########
@@ -39,14 +39,7 @@
from airflow.api_connexion.types import APIResponse
[email protected]_access(
- [
- (permissions.ACTION_CAN_READ, permissions.RESOURCE_DAG),
- (permissions.ACTION_CAN_READ, permissions.RESOURCE_DAG_RUN),
- (permissions.ACTION_CAN_READ, permissions.RESOURCE_TASK_INSTANCE),
- (permissions.ACTION_CAN_READ, permissions.RESOURCE_XCOM),
- ],
-)
[email protected]_access_dag("GET", DagAccessEntity.XCOM)
Review Comment:
Why only `DagAccessEntity.XCOM` is added to the decorator? On the original
code we have other entities: `DAG, DAG_RUN, TASK_INSTANCE`
##########
airflow/api_connexion/endpoints/dag_endpoint.py:
##########
@@ -180,7 +180,7 @@ def patch_dags(limit, session, offset=0, only_active=True,
tags=None, dag_id_pat
return dags_collection_schema.dump(DAGCollection(dags=dags,
total_entries=total_entries))
[email protected]_access([(permissions.ACTION_CAN_DELETE,
permissions.RESOURCE_DAG)])
[email protected]_access_dag("DELETE")
Review Comment:
Whats the difference between the current line and
`@security.requires_access_dag("DELETE", DagAccessEntity.RUN)`
? Also should a enum/constant be used instead of the string "DELETE"?
This applies for other methods too.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
