[
https://issues.apache.org/jira/browse/AIRFLOW-3072?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16617953#comment-16617953
]
ASF GitHub Bot commented on AIRFLOW-3072:
-----------------------------------------
seelmann opened a new pull request #3913: [AIRFLOW-3072] Assign permission
get_logs_with_metadata to viewer role
URL: https://github.com/apache/incubator-airflow/pull/3913
Make sure you have checked _all_ steps below.
### Jira
- [X] My PR addresses the following [Airflow
Jira](https://issues.apache.org/jira/browse/AIRFLOW/) issues and references
them in the PR title.
- https://issues.apache.org/jira/browse/AIRFLOW-3072
### Description
- [X] Allow non-admin roles to view logs.
### Tests
- [X] My PR adds unit tests
### Commits
- [X] My commits all reference Jira issues in their subject lines, and I
have squashed multiple commits if they address the same issue. In addition, my
commits follow the guidelines from "[How to write a good git commit
message](http://chris.beams.io/posts/git-commit/)":
1. Subject is separated from body by a blank line
1. Subject is limited to 50 characters (not including Jira issue reference)
1. Subject does not end with a period
1. Subject uses the imperative mood ("add", not "adding")
1. Body wraps at 72 characters
1. Body explains "what" and "why", not "how"
### Documentation
- [ ] In case of new functionality, my PR adds documentation that describes
how to use it.
- When adding new operators/hooks/sensors, the autoclass documentation
generation needs to be added.
### Code Quality
- [X] Passes `git diff upstream/master -u -- "*.py" | flake8 --diff`
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> Only admin can view logs in RBAC UI
> -----------------------------------
>
> Key: AIRFLOW-3072
> URL: https://issues.apache.org/jira/browse/AIRFLOW-3072
> Project: Apache Airflow
> Issue Type: Bug
> Components: ui
> Affects Versions: 1.10.0
> Reporter: Stefan Seelmann
> Assignee: Stefan Seelmann
> Priority: Major
>
> With RBAC enabled, only users with role admin can view logs.
> The default roles (excluding public) include permission {{can_log}} which
> allows to open the /log page, however the actual log message is loaded with
> another XHR request which required the additional permission
> {{get_logs_with_metadata}}.
> My suggestion is to add the permission and assign tog viewer role. Or is
> there a cause why only admin should be able to see logs?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
