I was able to reproduce. To fix, I modified the "Viewer" role via the UI
and added the permission "can dag read on all_dags" manually.


On 1/21/19 6:49 AM, Deng Xiaodong wrote:
> Hi Kaxil,
> 
> A potential bug found in 1.10.2rc3.
> 
> 
> # Potential Bug:
> 
> Viewer Role can't access pages to which it has permissions
> 
> # How to Reproduce:
> 
> - Under RBAC UI, create a user with "Viewer" role. Then use this
> account to log in.
> - You will be able to access the main page. However, you will not be
> able to access any page of a specific DAG, including Tree, Graph View,
> Gantt, Code View, Landing Time, etc. Literally all the pages of a
> specific DAG. However, in the Role specs, View role has permissions to
> all these pages.
> 
> - After clicking, users are redirected to the main page directly,
> without any explicit warning/error message like "Access Denied".
> 
> # Remarks:
> 
> - I have compared the default permissions which are granted to Viewer
> role between 1.10.0 and 1.10.2rc3. They are all the same.
> - In 1.10.0, Viewer role can access all these pages without any issue.
> - Seems this issue only exists for Viewer role.
> 
> 
> Please let me know if you can reproduce this issue.
> 
> Please consider this as my -1 (non-binding) as well.
> 
> Thanks!
> 
> 
> XD
