ervazquez commented on issue #9245: URL: https://github.com/apache/airflow/issues/9245#issuecomment-674958390
> I believe it's happening here https://github.com/apache/airflow/blob/1.10.11/airflow/www_rbac/security.py#L373 . I didn't really have time to study the method properly (it's a bit too complex), to provide a fix. But esentially, this method is called periodically and if a role is in the `EXISTING_ROLES` list, it gets "synced" with permessions defined here - https://github.com/apache/airflow/blob/1.10.11/airflow/www_rbac/security.py#L160 . > > If a role is not in the list, its permission gets generated by the method and synced. I believe its during this process when permissions are added to the role automatically. > > My hot fix is that I created a custom role, I defined it the same way as default roles are (as shown in the 2nd link) and I added the role the `EXISTING_ROLES` list. This way I cannot modify its permission in UI, but at least the role has exactly the permission I need. @dakov I've been experiencing similar issues creating roles and getting them to work using the Airflow UI (version 1.10.11). I want to test your method. I tried the following: 1. modifying the script `./venv/lib/python3.7/site-packages/airflow/www_rbac/security.py` which is what I believe you were suggesting. 2. Running `airflow sync_perm` in the webserver Does not seem to be working for me. Please let me know if I'm missing something here. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
