vincbeck commented on code in PR #34317:
URL: https://github.com/apache/airflow/pull/34317#discussion_r1355567508
##########
airflow/api_connexion/endpoints/task_endpoint.py:
##########
@@ -22,21 +22,16 @@
from airflow.api_connexion import security
from airflow.api_connexion.exceptions import BadRequest, NotFound
from airflow.api_connexion.schemas.task_schema import TaskCollection,
task_collection_schema, task_schema
+from airflow.auth.managers.models.resource_details import DagAccessEntity
from airflow.exceptions import TaskNotFound
-from airflow.security import permissions
from airflow.utils.airflow_flask_app import get_airflow_app
if TYPE_CHECKING:
from airflow import DAG
from airflow.api_connexion.types import APIResponse
-@security.requires_access(
- [
- (permissions.ACTION_CAN_READ, permissions.RESOURCE_DAG),
- (permissions.ACTION_CAN_READ, permissions.RESOURCE_TASK_INSTANCE),
- ],
-)
+@security.requires_access_dag("GET", DagAccessEntity.TASK_INSTANCE)
Review Comment:
Ah I see! Yes I dont check for DAG run permissions for task instance
endpoints now because I thought it was not necessary. But it seems it is
necessary. Let me add that back
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
