SUCHNA24 opened a new pull request, #63446: URL: https://github.com/apache/airflow/pull/63446
----What does this PR do? Fixes DAG-level access control for task group views. Previously, when `access_entity` was not provided, the authorization logic could attempt to validate access without ensuring that a valid DAG identifier (`details.id`) was present. This could lead to inconsistent permission checks when accessing task group views. This change ensures that `_is_authorized_dag()` is only called when a valid DAG ID exists. If the DAG identifier is missing, the request is denied. ----Why is this needed? Task group views should follow the same DAG-level authorization rules as other DAG-related resources. Ensuring that a valid DAG ID is present prevents incorrect permission checks. ----How was this tested? - Verified the authorization logic path for DAG access. - Confirmed that requests without a valid DAG identifier are denied. Closes: #59840 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
