vincbeck commented on PR #47458: URL: https://github.com/apache/airflow/pull/47458#issuecomment-2704738574
> Maybe I got it wrong but that doesn't answer my question, before calling `get_permitted_dag_ids` without specifying the method would then default to `["PUT", "GET"]`, now this will default to "GET" only. Which is not the same is it ? Oh! Got it! Yes you're right, but to be honest I think before was very wrong. Before, if you do not pass any methods to `get_permitted_dag_ids`, default was `["PUT", "GET"]`. Then we can imagine a user having no read permissions but all permissions on edit. Before, `get_permitted_dag_ids` was returning all the DAGs because the user had edit permissions on all DAGs. But then the user would click on one DAGs and would end up with an access denied because they do not have read permissions. So I think we are solving a "bug" even though I am not sure this use case even exist (users having edit permissions but not read) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
