ashb commented on issue #4569: [AIRFLOW-3745] Fix viewer not able to view dag details URL: https://github.com/apache/airflow/pull/4569#issuecomment-469828759 1. It never gets to L1657, `@has_dag_access` issues a 302 before the view fn is ever run. 2. I'll cherry-pick this PR (which adds the change you suggest) in to 1.10.3 which will fix the problem for new installs. Adding all_dags to the existing roles (I assume you mean Admin,User,Op, not all roles in the DB?) would "work" but it seems counter to the purpose of #4118, of letting those roles be editable by the admin of the site. Let me have a look at how we might do this with a migration. If we could (easily, without loads of code) replace all the role syncing code at run time, which would also have the benefit of removing the mildly annoying "duplicate" log lines: ``` [2019-03-05 19:38:25,622] {security.py:437} INFO - Start syncing user roles. [2019-03-05 19:38:25,634] {security.py:437} INFO - Start syncing user roles. [2019-03-05 19:38:25,677] {security.py:437} INFO - Start syncing user roles. [2019-03-05 19:38:25,684] {security.py:437} INFO - Start syncing user roles. [2019-03-05 19:38:25,988] {security.py:195} INFO - Existing permissions for the role:Viewer within the database will persist. [2019-03-05 19:38:26,085] {security.py:195} INFO - Existing permissions for the role:Viewer within the database will persist. [2019-03-05 19:38:26,172] {security.py:195} INFO - Existing permissions for the role:Viewer within the database will persist. [2019-03-05 19:38:26,183] {security.py:195} INFO - Existing permissions for the role:Viewer within the database will persist. [2019-03-05 19:38:26,520] {security.py:195} INFO - Existing permissions for the role:User within the database will persist. [2019-03-05 19:38:26,538] {security.py:195} INFO - Existing permissions for the role:User within the database will persist. [2019-03-05 19:38:26,692] {security.py:195} INFO - Existing permissions for the role:User within the database will persist. [2019-03-05 19:38:26,784] {security.py:195} INFO - Existing permissions for the role:User within the database will persist. [2019-03-05 19:38:27,158] {security.py:195} INFO - Existing permissions for the role:Op within the database will persist. [2019-03-05 19:38:27,165] {security.py:195} INFO - Existing permissions for the role:Op within the database will persist. [2019-03-05 19:38:27,166] {security.py:195} INFO - Existing permissions for the role:Op within the database will persist. [2019-03-05 19:38:27,169] {security.py:346} INFO - Fetching a set of all permission, view_menu from FAB meta-table [2019-03-05 19:38:27,170] {security.py:346} INFO - Fetching a set of all permission, view_menu from FAB meta-table [2019-03-05 19:38:27,173] {security.py:195} INFO - Existing permissions for the role:Op within the database will persist. [2019-03-05 19:38:27,177] {security.py:346} INFO - Fetching a set of all permission, view_menu from FAB meta-table [2019-03-05 19:38:27,203] {security.py:346} INFO - Fetching a set of all permission, view_menu from FAB meta-table [2019-03-05 19:38:28,254] {security.py:299} INFO - Cleaning faulty perms [2019-03-05 19:38:28,266] {security.py:299} INFO - Cleaning faulty perms [2019-03-05 19:38:28,268] {security.py:299} INFO - Cleaning faulty perms [2019-03-05 19:38:28,289] {security.py:299} INFO - Cleaning faulty perms ``` (Cos each worker runs the checks, we do this for every worker at start, and then every 30s as the new worker cycles).
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services