This is an automated email from the ASF dual-hosted git repository. jedcunningham pushed a commit to branch v2-8-test in repository https://gitbox.apache.org/repos/asf/airflow.git
commit d3b027d9141ae80620f3dde47366a7bb14d29392 Author: Carlos Sánchez Páez <[email protected]> AuthorDate: Wed Jan 17 18:09:13 2024 +0100 Fix webserver always redirecting to home page if user was not logged in (#36833) (cherry picked from commit 3266e94a4da649f863cb01461adb5ac26db1722c) --- airflow/www/auth.py | 4 ++-- tests/www/views/test_anonymous_as_admin_role.py | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/airflow/www/auth.py b/airflow/www/auth.py index 97a79cc533..db3d8f2ab3 100644 --- a/airflow/www/auth.py +++ b/airflow/www/auth.py @@ -116,7 +116,7 @@ def has_access_with_pk(f): else: log.warning(LOGMSG_ERR_SEC_ACCESS_DENIED, permission_str, self.__class__.__name__) flash(as_unicode(FLAMSG_ERR_SEC_ACCESS_DENIED), "danger") - return redirect(get_auth_manager().get_url_login(next=request.url)) + return redirect(get_auth_manager().get_url_login(next_url=request.url)) f._permission_name = permission_str return functools.update_wrapper(wraps, f) @@ -173,7 +173,7 @@ def _has_access(*, is_authorized: bool, func: Callable, args, kwargs): 403, ) elif not get_auth_manager().is_logged_in(): - return redirect(get_auth_manager().get_url_login(next=request.url)) + return redirect(get_auth_manager().get_url_login(next_url=request.url)) else: access_denied = get_access_denied_message() flash(access_denied, "danger") diff --git a/tests/www/views/test_anonymous_as_admin_role.py b/tests/www/views/test_anonymous_as_admin_role.py index 214f2ee3c9..a78485ea97 100644 --- a/tests/www/views/test_anonymous_as_admin_role.py +++ b/tests/www/views/test_anonymous_as_admin_role.py @@ -17,6 +17,8 @@ # under the License. from __future__ import annotations +from urllib.parse import quote_plus + import pytest from airflow.models import Pool @@ -54,7 +56,7 @@ def test_delete_pool_anonymous_user_no_role(anonymous_client, pool_factory): pool = pool_factory() resp = anonymous_client.post(f"pool/delete/{pool.id}") assert 302 == resp.status_code - assert "/login/" == resp.headers["Location"] + assert f"/login/?next={quote_plus(f'http://localhost/pool/delete/{pool.id}')}" == resp.headers["Location"] def test_delete_pool_anonymous_user_as_admin(anonymous_client_as_admin, pool_factory):
