steveahnahn opened a new pull request, #57594:
URL: https://github.com/apache/airflow/pull/57594
## Summary
Fixed variable export functionality in the Airflow UI to return
unmasked/real values instead of masked values (***), and added admin/elevated
access protection to ensure only authorized users can export unmasked values.
## Problem
This problem occurred because the UI was downloading cached data from the
GET endpoint which uses VariableResponse model that masks sensitive fields. CLI
export worked correctly because it directly accesses the database without
masking
## Solution
Created a new dedicated export endpoint with proper security controls.
Requires OP level access as it grants controls over editing variables
- Changed export button to call new VariableService.exportVariables() API
<img width="782" height="273" alt="Screenshot 2025-10-30 at 2 38 26 PM"
src="https://github.com/user-attachments/assets/ee777c08-f808-4887-9a19-20656337b6ba";
/>
<img width="306" height="154" alt="Screenshot 2025-10-30 at 2 38 33 PM"
src="https://github.com/user-attachments/assets/464f1e77-06fc-4f44-a69c-91ba580501ca";
/>
## Test
Added test_export_variables_with_unmasked_values that verifies password
variables export with real values
## Related Issue
Fixes #57428
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
