[
https://issues.apache.org/jira/browse/AIRFLOW-3352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16690143#comment-16690143
]
ASF GitHub Bot commented on AIRFLOW-3352:
-----------------------------------------
kaxil closed pull request #4194: [AIRFLOW-3352] Fix showing config on RBAC UI
when expose_config is False
URL: https://github.com/apache/incubator-airflow/pull/4194
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/airflow/www_rbac/views.py b/airflow/www_rbac/views.py
index 29e8da1b9c..f5ca0ca0c7 100644
--- a/airflow/www_rbac/views.py
+++ b/airflow/www_rbac/views.py
@@ -1798,11 +1798,18 @@ def conf(self):
raw = request.args.get('raw') == "true"
title = "Airflow Configuration"
subtitle = conf.AIRFLOW_CONFIG
- with open(conf.AIRFLOW_CONFIG, 'r') as f:
- config = f.read()
- table = [(section, key, value, source)
- for section, parameters in conf.as_dict(True, True).items()
- for key, (value, source) in parameters.items()]
+ # Don't show config when expose_config variable is False in airflow
config
+ if conf.getboolean("webserver", "expose_config"):
+ with open(conf.AIRFLOW_CONFIG, 'r') as f:
+ config = f.read()
+ table = [(section, key, value, source)
+ for section, parameters in conf.as_dict(True,
True).items()
+ for key, (value, source) in parameters.items()]
+ else:
+ config = (
+ "# Your Airflow administrator chose not to expose the "
+ "configuration, most likely for security reasons.")
+ table = None
if raw:
return Response(
diff --git a/tests/www_rbac/test_views.py b/tests/www_rbac/test_views.py
index af5fee3180..2520cfe340 100644
--- a/tests/www_rbac/test_views.py
+++ b/tests/www_rbac/test_views.py
@@ -448,9 +448,19 @@ def test_refresh(self):
class TestConfigurationView(TestBase):
- def test_configuration(self):
+ def test_configuration_do_not_expose_config(self):
self.logout()
self.login()
+ conf.set("webserver", "expose_config", "False")
+ resp = self.client.get('configuration', follow_redirects=True)
+ self.check_content_in_response(
+ ['Airflow Configuration', '# Your Airflow administrator chose not
to expose the configuration, '
+ 'most likely for security reasons.'],
resp)
+
+ def test_configuration_expose_config(self):
+ self.logout()
+ self.login()
+ conf.set("webserver", "expose_config", "True")
resp = self.client.get('configuration', follow_redirects=True)
self.check_content_in_response(
['Airflow Configuration', 'Running Configuration'], resp)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Don't Show Airflow config in rbac view based on flag
> ----------------------------------------------------
>
> Key: AIRFLOW-3352
> URL: https://issues.apache.org/jira/browse/AIRFLOW-3352
> Project: Apache Airflow
> Issue Type: Bug
> Components: webserver
> Affects Versions: 1.10.0
> Reporter: Sai Phanindhra
> Assignee: Sai Phanindhra
> Priority: Major
> Labels: configuration, rbac, webserver
> Fix For: 1.10.2
>
>
> Earlier expose_config flags is used to toggle whether to show configuration
> in UI or not. This feature is not enabled when rbac is enabled. Add provision
> to toggle this feature when rbac is enabled on airflow.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
