I think you could extend that method. We shouldn't call db directly unless FAB doesn't provide the api to do so.
On Wed, Jan 23, 2019 at 8:18 AM Victor Noël <[email protected]> wrote: > Hi, > > I'm upgrading from 1.10.1 to 1.10.2 and I had a custom SecurityManager that > was extending flask_appbuilder.security.sqla.manager.SecurityManager but it > seems that now I need to extend AirflowSecurityManager. > > It's fine by me but I would like to understand something: if I want to add > Admin role to some users based on some condition, until now I was > overriding add_user to add the extra role on user creation if the condition > was true. > > But when I read the code of AirflowSecurityManager, I see there is a > get_user_roles method: can I extend it so that I can just check the > condition here and add Admin to the list of roles. The advantage would be > to not have to add the role when the user is created (and thus if I change > something in the condition, I don't need to delete and recreate the user). > > In another words: can I be sure that airflow will always go through this > method to check the role of a user and not bypass the > AirflowSecurityManager to check the db directly? > > Thanks for any help! > > Victor >
