gschuurman commented on issue #59510:
URL: https://github.com/apache/airflow/issues/59510#issuecomment-3660529914
`def requires_fab_custom_view(method: str, resource_name: str):
def _check(user=Depends(get_user)):
if not get_auth_manager().is_authorized_custom_view(
method=method, resource_name=resource_name, user=user
):
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN,
detail="Forbidden")
return _check
`
This part of the code forgets to translate the raw http method to the
airflow role methods using the _MAP_METHOD_NAME_TO_FAB_ACTION_NAME dictionary.
`
_MAP_METHOD_NAME_TO_FAB_ACTION_NAME: dict[ExtendedResourceMethod, str] = {
"POST": ACTION_CAN_CREATE,
"GET": ACTION_CAN_READ,
"PUT": ACTION_CAN_EDIT,
"DELETE": ACTION_CAN_DELETE,
"MENU": ACTION_CAN_ACCESS_MENU,
}
`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
