vincbeck commented on code in PR #36565:
URL: https://github.com/apache/airflow/pull/36565#discussion_r1441854663
##########
airflow/www/views.py:
##########
@@ -5889,6 +5905,7 @@ def add_user_permissions_to_dag(sender, template,
context, **extra):
dag.can_edit = get_auth_manager().is_authorized_dag(method="PUT",
details=DagDetails(id=dag.dag_id))
dag.can_trigger = dag.can_edit and can_create_dag_run
dag.can_delete = get_auth_manager().is_authorized_dag(method="DELETE",
details=DagDetails(id=dag.dag_id))
+ dag.can_pause = get_auth_manager().is_authorized_dag(method="PATCH",
details=DagDetails(id=dag.dag_id))
Review Comment:
I dont like that either. This is not a resource, the resource is DAG.
Another idea would be to introduce a new optional parameter like
`action_details` which gives more details/information about the action being
done. That would work and would be consistent with the authorization model. But
again, if you want then to use this information in the FAB auth manager, that
will require quite some work on the FAB auth manager side.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
