This is an automated email from the ASF dual-hosted git repository.

vincbeck pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git


The following commit(s) were added to refs/heads/main by this push:
     new 512461c745 Allow anoymous user edit/show resource when set 
`AUTH_ROLE_PUBLIC` (#36750)
512461c745 is described below

commit 512461c74523f8e015b5ccc1cc01184e4fd3960f
Author: Bob Du <[email protected]>
AuthorDate: Fri Jan 12 23:58:37 2024 +0800

    Allow anoymous user edit/show resource when set `AUTH_ROLE_PUBLIC` (#36750)
---
 airflow/www/auth.py  | 12 ++++--------
 airflow/www/views.py |  9 ++++-----
 2 files changed, 8 insertions(+), 13 deletions(-)

diff --git a/airflow/www/auth.py b/airflow/www/auth.py
index 4295a40833..e363eee67b 100644
--- a/airflow/www/auth.py
+++ b/airflow/www/auth.py
@@ -107,14 +107,10 @@ def has_access_with_pk(f):
             _permission_name = self.method_permission_name.get(f.__name__)
             if _permission_name:
                 permission_str = f"{PERMISSION_PREFIX}{_permission_name}"
-        if (
-            get_auth_manager().is_logged_in()
-            and permission_str in self.base_permissions
-            and self.appbuilder.sm.has_access(
-                action_name=permission_str,
-                resource_name=self.class_permission_name,
-                resource_pk=kwargs.get("pk"),
-            )
+        if permission_str in self.base_permissions and 
self.appbuilder.sm.has_access(
+            action_name=permission_str,
+            resource_name=self.class_permission_name,
+            resource_pk=kwargs.get("pk"),
         ):
             return f(self, *args, **kwargs)
         else:
diff --git a/airflow/www/views.py b/airflow/www/views.py
index ee89bce509..2f085c795b 100644
--- a/airflow/www/views.py
+++ b/airflow/www/views.py
@@ -133,7 +133,6 @@ from airflow.utils.task_group import TaskGroup, 
task_group_to_dict
 from airflow.utils.timezone import td_format, utcnow
 from airflow.version import version
 from airflow.www import auth, utils as wwwutils
-from airflow.www.auth import has_access_with_pk
 from airflow.www.decorators import action_logging, gzipped
 from airflow.www.extensions.init_auth_manager import get_auth_manager
 from airflow.www.forms import (
@@ -3994,7 +3993,7 @@ class AirflowModelView(ModelView):
         return attribute
 
     @expose("/show/<pk>", methods=["GET"])
-    @has_access_with_pk
+    @auth.has_access_with_pk
     def show(self, pk):
         """
         Show view.
@@ -4016,7 +4015,7 @@ class AirflowModelView(ModelView):
         )
 
     @expose("/edit/<pk>", methods=["GET", "POST"])
-    @has_access_with_pk
+    @auth.has_access_with_pk
     def edit(self, pk):
         """
         Edit view.
@@ -4040,7 +4039,7 @@ class AirflowModelView(ModelView):
             )
 
     @expose("/delete/<pk>", methods=["GET", "POST"])
-    @has_access_with_pk
+    @auth.has_access_with_pk
     def delete(self, pk):
         """
         Delete view.
@@ -4738,7 +4737,7 @@ class PoolModelView(AirflowModelView):
         return redirect(self.get_redirect())
 
     @expose("/delete/<pk>", methods=["GET", "POST"])
-    @has_access_with_pk
+    @auth.has_access_with_pk
     def delete(self, pk):
         """Single delete."""
         if models.Pool.is_default_pool(pk):

Reply via email to