This is an automated email from the ASF dual-hosted git repository.
taragolis pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/main by this push:
new 00ed46769e D401 support in fab provider (#37283)
00ed46769e is described below
commit 00ed46769eaea24251fc4726a46df1f54f27c4bd
Author: Vincent <[email protected]>
AuthorDate: Fri Feb 9 13:13:36 2024 -0500
D401 support in fab provider (#37283)
---
.../providers/fab/auth_manager/decorators/auth.py | 2 +-
.../providers/fab/auth_manager/fab_auth_manager.py | 2 +-
.../fab/auth_manager/security_manager/override.py | 52 +++++++++++-----------
pyproject.toml | 3 --
4 files changed, 28 insertions(+), 31 deletions(-)
diff --git a/airflow/providers/fab/auth_manager/decorators/auth.py
b/airflow/providers/fab/auth_manager/decorators/auth.py
index 95f97c8e79..7089be08fc 100644
--- a/airflow/providers/fab/auth_manager/decorators/auth.py
+++ b/airflow/providers/fab/auth_manager/decorators/auth.py
@@ -67,7 +67,7 @@ def _requires_access_fab(permissions: Sequence[tuple[str,
str]] | None = None) -
def _has_access_fab(permissions: Sequence[tuple[str, str]] | None = None) ->
Callable[[T], T]:
"""
- Factory for decorator that checks current user's permissions against
required permissions.
+ Check current user's permissions against required permissions.
This decorator is only kept for backward compatible reasons. The decorator
``airflow.www.auth.has_access``, which redirects to this decorator, is
widely used in user plugins.
diff --git a/airflow/providers/fab/auth_manager/fab_auth_manager.py
b/airflow/providers/fab/auth_manager/fab_auth_manager.py
index dfa53ef78b..696709ae6c 100644
--- a/airflow/providers/fab/auth_manager/fab_auth_manager.py
+++ b/airflow/providers/fab/auth_manager/fab_auth_manager.py
@@ -446,7 +446,7 @@ class FabAuthManager(BaseAuthManager):
def _resource_name_for_dag(self, dag_id: str) -> str:
"""
- Returns the FAB resource name for a DAG id.
+ Return the FAB resource name for a DAG id.
:param dag_id: the DAG id
diff --git a/airflow/providers/fab/auth_manager/security_manager/override.py
b/airflow/providers/fab/auth_manager/security_manager/override.py
index 9fe89f8a69..6f5c0f72c6 100644
--- a/airflow/providers/fab/auth_manager/security_manager/override.py
+++ b/airflow/providers/fab/auth_manager/security_manager/override.py
@@ -531,7 +531,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
@property
def auth_role_public(self):
- """Gets the public role."""
+ """Get the public role."""
return self.appbuilder.app.config["AUTH_ROLE_PUBLIC"]
@property
@@ -571,7 +571,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
@property
def auth_ldap_server(self):
- """Gets the LDAP server object."""
+ """Get the LDAP server object."""
return self.appbuilder.get_app.config["AUTH_LDAP_SERVER"]
@property
@@ -650,7 +650,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
@property
def auth_username_ci(self):
- """Gets the auth username for CI."""
+ """Get the auth username for CI."""
return self.appbuilder.get_app.config.get("AUTH_USERNAME_CI", True)
@property
@@ -685,7 +685,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
@property
def auth_role_admin(self):
- """Gets the admin role."""
+ """Get the admin role."""
return self.appbuilder.get_app.config["AUTH_ROLE_ADMIN"]
@property
@@ -697,7 +697,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
return self.oauth_allow_list
def create_builtin_roles(self):
- """Returns FAB builtin roles."""
+ """Return FAB builtin roles."""
return self.appbuilder.app.config.get("FAB_ROLES", {})
@property
@@ -1445,7 +1445,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
password="",
hashed_password="",
):
- """Generic function to create user."""
+ """Create a user."""
try:
user = self.user_model()
user.first_name = first_name
@@ -1504,7 +1504,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
return None
def find_user(self, username=None, email=None):
- """Finds user by username or email."""
+ """Find user by username or email."""
if username:
try:
if self.auth_username_ci:
@@ -1549,7 +1549,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
def del_register_user(self, register_user):
"""
- Deletes registration object from database.
+ Delete registration object from database.
:param register_user: RegisterUser object to delete
"""
@@ -1598,7 +1598,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
def get_action(self, name: str) -> Action:
"""
- Gets an existing action record.
+ Get an existing action record.
:param name: name
"""
@@ -1606,7 +1606,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
def create_action(self, name):
"""
- Adds an action to the backend, model action.
+ Add an action to the backend, model action.
:param name:
name of the action: 'can_add','can_edit' etc...
@@ -1626,7 +1626,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
def delete_action(self, name: str) -> bool:
"""
- Deletes a permission action.
+ Delete a permission action.
:param name: Name of action to delete (e.g. can_read).
"""
@@ -1659,7 +1659,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
def get_resource(self, name: str) -> Resource:
"""
- Returns a resource record by name, if it exists.
+ Return a resource record by name, if it exists.
:param name: Name of resource
"""
@@ -1685,12 +1685,12 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
return resource
def get_all_resources(self) -> list[Resource]:
- """Gets all existing resource records."""
+ """Get all existing resource records."""
return self.get_session.query(self.resource_model).all()
def delete_resource(self, name: str) -> bool:
"""
- Deletes a Resource from the backend.
+ Delete a Resource from the backend.
:param name:
name of the resource
@@ -1728,7 +1728,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
resource_name: str,
) -> Permission | None:
"""
- Gets a permission made with the given action->resource pair, if the
permission already exists.
+ Get a permission made with the given action->resource pair, if the
permission already exists.
:param action_name: Name of action
:param resource_name: Name of resource
@@ -1753,7 +1753,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
def create_permission(self, action_name, resource_name) -> Permission |
None:
"""
- Adds a permission on a resource to the backend.
+ Add a permission on a resource to the backend.
:param action_name:
name of the action to add: 'can_add','can_edit' etc...
@@ -1781,7 +1781,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
def delete_permission(self, action_name: str, resource_name: str) -> None:
"""
- Deletes the permission linking an action->resource pair.
+ Delete the permission linking an action->resource pair.
Doesn't delete the underlying action or resource.
@@ -1846,7 +1846,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
self.get_session.rollback()
def get_oid_identity_url(self, provider_name: str) -> str | None:
- """Returns the OIDC identity provider URL."""
+ """Return the OIDC identity provider URL."""
for provider in self.openid_providers:
if provider.get("name") == provider_name:
return provider.get("url")
@@ -2091,7 +2091,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
func: Callable[[AirflowSecurityManagerV2, str, dict[str, Any] | None],
dict[str, Any]],
):
"""
- Decorator function to be the OAuth user info getter for all the
providers.
+ Get OAuth user info for all the providers.
Receives provider and response return a dict with the information
returned from the provider.
The returned user info dict should have its keys with the same name as
the User Model.
@@ -2210,7 +2210,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
@staticmethod
def oauth_token_getter():
- """Authentication (OAuth) token getter function."""
+ """Get authentication (OAuth) token."""
token = session.get("oauth")
log.debug("Token Get: %s", token)
return token
@@ -2220,7 +2220,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
perms: Sequence[tuple[str, str]] | None = None,
dag_id: str | None = None,
) -> bool:
- """Checks that the logged in user has the specified permissions."""
+ """Check the logged-in user has the specified permissions."""
if not perms:
return True
@@ -2254,7 +2254,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
def get_oauth_token_key_name(self, provider):
"""
- Returns the token_key name for the oauth provider.
+ Return the token_key name for the oauth provider.
If none is configured defaults to oauth_token
this is configured using OAUTH_PROVIDERS and token_key key.
@@ -2275,7 +2275,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
def auth_user_oauth(self, userinfo):
"""
- Method for authenticating user with OAuth.
+ Authenticate user with OAuth.
:userinfo: dict with user information
(keys are the same as User model columns)
@@ -2608,7 +2608,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
return result
def _has_access_builtin_roles(self, role, action_name: str, resource_name:
str) -> bool:
- """Checks permission on builtin role."""
+ """Check permission on builtin role."""
perms = self.builtin_roles.get(role.name, [])
for _resource_name, _action_name in perms:
if re2.match(_resource_name, resource_name) and
re2.match(_action_name, action_name):
@@ -2647,7 +2647,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
"""
Get permissions except those that are for specific DAGs.
- Returns a dict with a key of (action_name, resource_name) and value of
permission
+ Return a dict with a key of (action_name, resource_name) and value of
permission
with all permissions except those that are for specific DAGs.
"""
return {
@@ -2689,7 +2689,7 @@ class
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
@staticmethod
def _cli_safe_flash(text: str, level: str) -> None:
- """Shows a flash in a web context or prints a message if not."""
+ """Show a flash in a web context or prints a message if not."""
if has_request_context():
flash(Markup(text), level)
else:
diff --git a/pyproject.toml b/pyproject.toml
index 1856aac2a4..cad94c51fe 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1373,9 +1373,6 @@ combine-as-imports = true
"airflow/providers/common/io/xcom/backend.py" = ["D401"]
"airflow/providers/databricks/hooks/databricks.py" = ["D401"]
"airflow/providers/databricks/operators/databricks.py" = ["D401"]
-"airflow/providers/fab/auth_manager/decorators/auth.py" = ["D401"]
-"airflow/providers/fab/auth_manager/fab_auth_manager.py" = ["D401"]
-"airflow/providers/fab/auth_manager/security_manager/override.py" = ["D401"]
"airflow/providers/google/cloud/hooks/automl.py" = ["D401"]
"airflow/providers/google/cloud/hooks/bigquery.py" = ["D401"]
"airflow/providers/google/cloud/hooks/bigquery_dts.py" = ["D401"]
