shahar1 commented on code in PR #42355:
URL: https://github.com/apache/airflow/pull/42355#discussion_r1768843307


##########
airflow/auth/managers/simple/simple_auth_manager.py:
##########
@@ -122,7 +124,12 @@ def get_url_logout(self) -> str:
         return url_for("SimpleAuthManagerAuthenticationViews.logout")
 
     def get_user(self) -> SimpleAuthManagerUser | None:
-        return session["user"] if self.is_logged_in() else None
+        if not self.is_logged_in():
+            return None
+        if 
self.appbuilder.get_app.config.get("SIMPLE_AUTH_MANAGER_ALL_ADMINS", False):
+            return SimpleAuthManagerUser(username="Anonymous", role="admin")
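
Review bot: The added `SIMPLE_AUTH_MANAGER_ALL_ADMINS` branch in `get_user` writes the username `"Anonymous"` and the role `"admin"` as inline string literals, and the method has no docstring saying that this flag makes it return a synthetic admin user. Consider taking both values from named constants so that every comparison elsewhere uses the same spelling, and document the flag's effect on the method. The flag is also consulted only after the `if not self.is_logged_in(): return None` check, so for a request with no session this branch is reached only if `is_logged_in()` itself accounts for the setting. That is worth confirming with a test that enables the flag and calls `get_user()` without a session.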

Review Comment:
   Small nit:
   I assume that the username is not case-sensitive - but at the code level we 
might be consistent (i.e., `Anonymous` or `anonymous`) to prevent potential 
security bugs. Example from the codebase:
   
   
https://github.com/apache/airflow/blob/c051d0aa4c7215b35a4390822aa6ece3ac945900/airflow/www/decorators.py#L91


