potiuk commented on issue #54090: URL: https://github.com/apache/airflow/issues/54090#issuecomment-3167041262
> Import is unaffected right? It's just a "bulk create" operation, so I don't see what needs to change about that.

Yes. Import can be done without problems because we have "write-only" permission. Most problems are with export - because our model assumes currently that we do not expose such credentials over API to the user (we only expose them via task-sdk to workloads and triggerer).

So my question is do we want to create another role in our model - someone who is able to read the passwords via public API. So you say we need to add such role? Do you think it's secure enough? Previously the user who could edit connection could do that - but we considered it not "Secure enough". And I think if we decide on adding it back, we need to be very specific about that role. I'd say it's a bit not consistent as that user who logs in via the UI will also be able to see those passwords in the UI - so we are just shifting the problem we tried to solve to another role - and we need to add back to our security model that there are users who can read the credentials.

Or maybe we want to introduce a different class of the API and authentication - so far as I understand airflowctl uses the same API as the UI and we have no way to distinguish whether we are calling it from UI or airflowctl?
