shakhar opened a new issue, #37329: URL: https://github.com/apache/airflow/issues/37329
### Description Currently DAG level permissions supports only the `can_read`, `can_edit` and `can_delete` actions ([ref](https://github.com/apache/airflow/blob/main/airflow/security/permissions.py#L67)) without supporting `can_create`. Moreover, it supports only `RESOURCE_DAG` resource ([ref](https://github.com/apache/airflow/blob/main/airflow/providers/fab/auth_manager/security_manager/override.py#L198)) without supporting all prefixed DAG related resources, like `RESOURCE_DAG_RUN`. I believe that if you will add the `RESOURCE_DAG_RUN` to the `DAG_RESOURCES` list (and all other prefixed DAG resources) and add the `can_create` to the `DAG_ACTIONS` list, it will allow us to configure a DAG level permission to trigger a run (`can_create` on `RESOURCE_DAG_RUN` will let you do it) and will open door for other DAG level permissions that are not directly on the `RESOURCE_DAG` level. ### Use case/motivation We want to be able to support DAG level permissions to trigger an new DAG run. ### Related issues _No response_ ### Are you willing to submit a PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [X] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
