XD-DENG commented on a change in pull request #4118: [AIRFLOW-3271] Airflow
RBAC Permissions modification via UI do not persist
URL: https://github.com/apache/incubator-airflow/pull/4118#discussion_r232119883
##########
File path: airflow/www_rbac/security.py
##########
@@ -181,13 +181,21 @@ def init_role(self, role_name, role_vms, role_perms):
if not role:
role = self.add_role(role_name)
- role_pvms = []
- for pvm in pvms:
- if pvm.view_menu.name in role_vms and pvm.permission.name in
role_perms:
- role_pvms.append(pvm)
- role.permissions = list(set(role_pvms))
- self.get_session.merge(role)
- self.get_session.commit()
+ if len(role.permissions) == 0:
+ logging.info('Initializing permissions for role:%s in the
database.', role_name)
+ role_pvms = []
+ for pvm in pvms:
+ if pvm.view_menu.name in role_vms and pvm.permission.name in
role_perms:
+ role_pvms.append(pvm)
+ role.permissions = list(set(role_pvms))
+ self.get_session.merge(role)
+ self.get_session.commit()
+ else:
+ logging.info('Existing permissions for the role:%s within the
database will persist.', role_name)
+ for pvm in pvms:
+ if pvm not in role.permissions:
+ if pvm.view_menu.name in role_vms and pvm.permission.name
in role_perms:
+ role.permissions.append(pvm)
Review comment:
Glad to see the test passes!
Just wondering why the `else` chunk works without session merge/commit.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
