kanetkarster commented on issue #5812: [AIRFLOW-4449] updated default permission for custom roles to 'Viewer' URL: https://github.com/apache/airflow/pull/5812#issuecomment-529490475 Right now, all custom roles have, as a base, all the permissions given to User. Whenever `create_custom_dag_permission_view` get's called, the permissions of custom roles get updated. We want to create Roles with permissions not included with in User. In particular, we don't want all roles to have access to the `set success on _____` permissions. This change will update that default permissions given to custom roles to be Viewer, so we can assign "write" permissions to roles as they are needed FWIW, I think once #4960 is included in the release, there will be better ways to get around this. Right now, we've configured our custom SecurityManager class to not call `create_custom_dag_permission_view` ever, which is less than desirable Regardless, I think it's a saner default for all custom roles to have no write permissions
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
