tirkarthi commented on issue #60265: URL: https://github.com/apache/airflow/issues/60265#issuecomment-3725054130
Yes, the grid view now makes an API call per dagrun to get task instance summaries. Even for a dag page with only one dagrun there are 12 ui/* and 16 api/* calls so caching the user object even for a shorter period will help. caching in Python's stdlib doesn't provide ttl so one approach could be storing (user, cache_created_time) and then during every check see if datetime.now() - cache_create_time duration is more than x seconds and then refetch the user object. With respect to invalidation I think roles and permissions can now be updated through API and cli. The update has to call get_auth_manager().clear_cache(username) or something similar but I think it's easy to miss invalidation and probably better to keep the ttl low. In our deployment we handle dag access through our custom logic overriding is_authorized_dag and roles, permissions, view_menu never changes for the users. Happy to hear thoughts since cache invalidation done correctly is a hard topic especially taking security into account. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
