This is an automated email from the ASF dual-hosted git repository.
vincbeck pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/main by this push:
new 512461c745 Allow anoymous user edit/show resource when set
`AUTH_ROLE_PUBLIC` (#36750)
512461c745 is described below
commit 512461c74523f8e015b5ccc1cc01184e4fd3960f
Author: Bob Du <[email protected]>
AuthorDate: Fri Jan 12 23:58:37 2024 +0800
Allow anoymous user edit/show resource when set `AUTH_ROLE_PUBLIC` (#36750)
---
airflow/www/auth.py | 12 ++++--------
airflow/www/views.py | 9 ++++-----
2 files changed, 8 insertions(+), 13 deletions(-)
diff --git a/airflow/www/auth.py b/airflow/www/auth.py
index 4295a40833..e363eee67b 100644
--- a/airflow/www/auth.py
+++ b/airflow/www/auth.py
@@ -107,14 +107,10 @@ def has_access_with_pk(f):
_permission_name = self.method_permission_name.get(f.__name__)
if _permission_name:
permission_str = f"{PERMISSION_PREFIX}{_permission_name}"
- if (
- get_auth_manager().is_logged_in()
- and permission_str in self.base_permissions
- and self.appbuilder.sm.has_access(
- action_name=permission_str,
- resource_name=self.class_permission_name,
- resource_pk=kwargs.get("pk"),
- )
+ if permission_str in self.base_permissions and
self.appbuilder.sm.has_access(
+ action_name=permission_str,
+ resource_name=self.class_permission_name,
+ resource_pk=kwargs.get("pk"),
):
return f(self, *args, **kwargs)
else:
diff --git a/airflow/www/views.py b/airflow/www/views.py
index ee89bce509..2f085c795b 100644
--- a/airflow/www/views.py
+++ b/airflow/www/views.py
@@ -133,7 +133,6 @@ from airflow.utils.task_group import TaskGroup,
task_group_to_dict
from airflow.utils.timezone import td_format, utcnow
from airflow.version import version
from airflow.www import auth, utils as wwwutils
-from airflow.www.auth import has_access_with_pk
from airflow.www.decorators import action_logging, gzipped
from airflow.www.extensions.init_auth_manager import get_auth_manager
from airflow.www.forms import (
@@ -3994,7 +3993,7 @@ class AirflowModelView(ModelView):
return attribute
@expose("/show/<pk>", methods=["GET"])
- @has_access_with_pk
+ @auth.has_access_with_pk
def show(self, pk):
"""
Show view.
@@ -4016,7 +4015,7 @@ class AirflowModelView(ModelView):
)
@expose("/edit/<pk>", methods=["GET", "POST"])
- @has_access_with_pk
+ @auth.has_access_with_pk
def edit(self, pk):
"""
Edit view.
@@ -4040,7 +4039,7 @@ class AirflowModelView(ModelView):
)
@expose("/delete/<pk>", methods=["GET", "POST"])
- @has_access_with_pk
+ @auth.has_access_with_pk
def delete(self, pk):
"""
Delete view.
@@ -4738,7 +4737,7 @@ class PoolModelView(AirflowModelView):
return redirect(self.get_redirect())
@expose("/delete/<pk>", methods=["GET", "POST"])
- @has_access_with_pk
+ @auth.has_access_with_pk
def delete(self, pk):
"""Single delete."""
if models.Pool.is_default_pool(pk):
