jason810496 commented on code in PR #47062:
URL: https://github.com/apache/airflow/pull/47062#discussion_r1976261748
##########
airflow/api_fastapi/core_api/routes/public/dags.py:
##########
@@ -57,14 +57,15 @@
DAGResponse,
)
from airflow.api_fastapi.core_api.openapi.exceptions import
create_openapi_http_exception_doc
+from airflow.api_fastapi.core_api.security import requires_access_dag
from airflow.exceptions import AirflowException, DagNotFound
from airflow.models import DAG, DagModel
from airflow.models.dagrun import DagRun
dags_router = AirflowRouter(tags=["DAG"], prefix="/dags")
-@dags_router.get("")
+@dags_router.get("", dependencies=[Depends(requires_access_dag(method="GET"))])
Review Comment:
> I don't think it supports access restrictions such as only allow access to
a specific dag_id.
I see! I just took a look at `SimpleAuthManagerRole`, and I think you're
right. It looks like if a user's role is greater than or equal to `USER`, they
are allowed to access all DAGs. So perhaps we should keep this part as it was
originally?
https://github.com/apache/airflow/blob/main/airflow/auth/managers/simple/simple_auth_manager.py#L55-L78
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
