sandeyshc opened a new issue, #50906: URL: https://github.com/apache/airflow/issues/50906
**Apache Airflow version:** Other Airflow 2 version (please specify below) **If "Other Airflow 2 version" selected, which one?** 2.7.3 **What happened?** When a DAG is deleted from Airflow, any permissions (such as read or edit access) that were manually assigned to roles for that DAG are not removed. As a result, roles still retain permissions for DAG IDs that no longer exist in the system. This can be confusing and may cause security concerns as old DAG IDs are still listed in role permissions. **What you think should happen instead?** When a DAG is deleted from Airflow, all related permissions for that DAG (across all roles) should be automatically or programmatically removed, ensuring that roles do not have access to non-existent DAGs. **How to reproduce** 1. Assign read or edit permissions for a DAG to a role in Airflow. 2. Delete the DAG from Airflow. 3. Check the permissions for the role; you will see that the access for the deleted DAG is still present and visible in the UI. **Operating System** Please specify your operating system details (e.g., output of `cat /etc/os-release`). linux **Versions of Apache Airflow Providers** Please specify provider versions if relevant, e.g. `pip freeze | grep apache-airflow-providers`. **Deployment** Please select your deployment type (e.g., Docker-Compose, Helm Chart, etc.). Helm **Deployment details** Add any extra details about your deployment (e.g., version of Docker, Kubernetes, etc.). **Anything else?** Looking for -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
