potiuk commented on code in PR #34317: URL: https://github.com/apache/airflow/pull/34317#discussion_r1356003454
########## airflow/www/security_manager.py: ########## @@ -738,24 +633,9 @@ def create_perm_vm_for_all_dag(self) -> None: def check_authorization( self, perms: Sequence[tuple[str, str]] | None = None, - dag_id: str | None = None, ) -> bool: """Checks that the logged in user has the specified permissions.""" if not perms: return True - for perm in perms: - if perm in ( - (permissions.ACTION_CAN_READ, permissions.RESOURCE_DAG), - (permissions.ACTION_CAN_EDIT, permissions.RESOURCE_DAG), - (permissions.ACTION_CAN_DELETE, permissions.RESOURCE_DAG), - ): - can_access_all_dags = self.has_access(*perm) - if not can_access_all_dags: - action = perm[0] - if not self.can_access_some_dags(action, dag_id): - return False - elif not self.has_access(*perm): - return False - - return True + return all(self.has_access(*perm) for perm in perms) Review Comment: Should we also deprecate / raise exception here? See https://github.com/apache/airflow/pull/34317/files#r1355974367 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org