suhail-zemoso commented on issue #53938: URL: https://github.com/apache/airflow/issues/53938#issuecomment-3150219985
✅ Workaround to Resolve the Issue I implemented the following solution to restrict the /dag_stats endpoint to only return data for DAGs that a user has access to: ✅ Attach the Filter to Endpoint Dependencies I added the permission filter as a dependency to the FastAPI route using readable_dags_filter: ReadableDagsFilterDep. This ensures that only permitted DAGs are considered during the request lifecycle. ✅ Apply DAG Filter to All Queries I updated the queries inside the endpoint to filter by permitted DAG IDs using SQLAlchemy’s .where(DagRun.dag_id.in_(permitted_dag_ids)). This includes filters on DAGs, DAG runs, and aggregated stats. After these changes, the /dag_stats endpoint now correctly returns results scoped to the user's DAG-level permissions. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
