The AIP has been voted and accepted. I created a board on Github to track all
the different tasks related to the AIP. The board is here:
https://github.com/orgs/apache/projects/276
If you're interested to work on any specific issue/task, feel free to comment,
I'll be happy to assign it to you.
cool!
On Mon, Jun 26, 2023 at 7:49 PM Beck, Vincent
wrote:
> Hello,
>
> AIP-56 has been accepted.
>
> 3 +1 binding votes received:
> - Jarek Potiuk
> - Niko Oliveira
> - Hussein Awala
>
> 6 +1 non-binding votes received:
> - Shubham Mehta
> - Dennis Ferruzzi
> - Phani Kumar
> - Pankaj Koti
> - R
Hello,
AIP-56 has been accepted.
3 +1 binding votes received:
- Jarek Potiuk
- Niko Oliveira
- Hussein Awala
6 +1 non-binding votes received:
- Shubham Mehta
- Dennis Ferruzzi
- Phani Kumar
- Pankaj Koti
- Raphael Vandon
- Vincent Beck
I will create issues to track the different tasks related t
now the
content is safe.
Dear Airflow community,
I would like to start a vote for "AIP-56 Extensible user management".
You can find the AIP here:
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-56+Extensible+user+management
<https://cwiki.apache.org/confluence/disp
It is never too late :)
These views won't change or won't move, they are not part of the views we will
move into auth managers. I am not sure you meant that but I wanted to clarify
that. And to your second question, the goal is to replace this decorator which
checks if a user has permissions to
Seems like a good solution to a feature a lot of folks want.
> > non-binding
> > > > +1
> > > >
> > > >
> > > > - ferruzzi
> > > >
> > > >
> > > > ____
> > > > From: Mehta, Shubham
> &
hi,
I like the AIP a lot.
Sorry for joining the discussion late.
I had a question regarding access to UI views in Airflow.
I checked the list of resources in Security -> Resources. I see there we
have DAGs as resources. However for these DAGs there are views exposed with
the help of flask app
e.g
gt; - ferruzzi
> > >
> > >
> > >
> > > From: Mehta, Shubham
> > > Sent: Monday, June 19, 2023 10:25 AM
> > > To: dev@airflow.apache.org
> > > Subject: RE: [EXTERNAL][VOTE] AIP-56 Extensible user ma
ERNAL][VOTE] AIP-56 Extensible user management
> >
> >
> > CAUTION: This email originated from outside of the organization. Do not
> > click links or open attachments unless you can confirm the sender and
> know
> > the content is safe.
> >
> >
> &
ne 19, 2023 10:25 AM
> To: dev@airflow.apache.org
> Subject: RE: [EXTERNAL][VOTE] AIP-56 Extensible user management
>
> CAUTION: This email originated from outside of the organization. Do not
> click links or open attachments unless you can confirm the sender and know
> the content is safe.
&g
Seems like a good solution to a feature a lot of folks want. non-binding +1
- ferruzzi
From: Mehta, Shubham
Sent: Monday, June 19, 2023 10:25 AM
To: dev@airflow.apache.org
Subject: RE: [EXTERNAL][VOTE] AIP-56 Extensible user management
CAUTION: This email
vincb...@amazon.com.inva>lid>
wrote:
> Dear Airflow community,
>
> I would like to start a vote for "AIP-56 Extensible user management".
>
> You can find the AIP here:
> https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-56+Extensible+user+management
>
> &l
+1 (binding)
From: Jarek Potiuk
Sent: Monday, June 19, 2023 7:38:08 AM
To: dev@airflow.apache.org
Subject: RE: [EXTERNAL][VOTE] AIP-56 Extensible user management
CAUTION: This email originated from outside of the organization. Do not click
links or open
+1 (binding).
On Mon, Jun 19, 2023 at 4:12 PM Beck, Vincent
wrote:
> Dear Airflow community,
>
> I would like to start a vote for "AIP-56 Extensible user management".
>
> You can find the AIP here:
> https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-5
Dear Airflow community,
I would like to start a vote for "AIP-56 Extensible user management".
You can find the AIP here:
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-56+Extensible+user+management
Discussion thread:
https://lists.apache.org/thread/ck8dsj5w82lvr0cpwr4wlp
Sounds good to me. Hopefully we can make it happen, but we give ourselves
an escape hatch :)
On Fri, Jun 16, 2023 at 9:45 AM Beck, Vincent
wrote:
> Thanks for the feedback Jed, that's something I confess I had not thought
> about. It is a valid concern. What I can propose as a compromise is to
>
Thanks for the feedback Jed, that's something I confess I had not thought
about. It is a valid concern. What I can propose as a compromise is to leave
the "move FAB auth manager to a separate provider" task to the end of the
project and mark it as optional. In other words, we can build everythin
Overall I'm happy with the proposal. One thing that concerns me though is
moving the FAB auth manager into a separate provider. That auth manager
will need to be able to hook into the db migration tooling, and we don't
expose that to providers or plugins today. So if we do want to move it, we
have
Hello,
I updated the AIP
(https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-56+Extensible+user+management)
to add a new section about the "is_authorized" API context. I tried to address
all the concerns and questions gathered in this thread. You can find this new
sec
; > > > bdbr...@gmail.com <mailto:bdbr...@gmail.com>>> wrote:
> > > >
> > > >
> > > >
> > > > I think think the name “User Manager” is a misnomer and it should
> just
> > be
> > > > called “Security Manager”. It
>
> > > > I hope that helps,
> > > > Vincent
> > > >
> > > > On 2023-05-15, 5:30 PM, "Bolke de Bruin" > > > <mailto:bdbr...@gmail.com>
> > > > bdbr...@gmail.com <mailto:bdbr...@gmail.com>>>
> > >
> > > > On 2023-05-15, 5:30 PM, "Bolke de Bruin" > > > bdbr...@gmail.com>> wrote:
> > > >
> > > >
> > > >
> > > > I think think the name “User Manager” is a misnomer and it should
> just
&g
gt; > 1 - Define API that a Security Plugin should adhere to (AuthZ/AuthN)
> > > 2 - Have a default Security Plugin based on FAB
> > >
> > >
> > > Points of improvement:
> > >
> > >
> > > * is_authorized should include context so th
. Non implementing security managers can ignore it.
> > * I’d prefer some kind of ’standards’ based API. Like using Flask’s way
> of
> > registering endpoints or something along those lines. See also questions
> > below.
> >
> >
> > Questions:
> >
> >
&g
et_tab_configuration special? We have this possibility in
> standard “plugins”. I suggest using that framework
> * What is the need for “get_user_name”? Are we going to invent our own
> Framework? Otherwise Flask might work?
>
>
>
>
> Cheers
> Bolke
>
>
> On 9 May 2
b...@amazon.com.inva>lid)
wrote:
Hello all,
I would like to start voting on this one so please add your comments on the
API or by replying here if you're interested, you still have time to do it
:)
AIP:
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-56+Extensible+user+managemen
you're interested, you still have time to do it
:)
AIP:
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-56+Extensible+user+management
Vincent
On 2023-05-03, 8:03 AM, "Jarek Potiuk" > wrote:
CAUTION: This email originated from outside of the organization. Do not
c
Hello all,
I would like to start voting on this one so please add your comments on the API
or by replying here if you're interested, you still have time to do it :)
AIP:
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-56+Extensible+user+management
Vincent
On 2023-05-03, 8:
t; >
>> > > > On Fri, Mar 31, 2023 at 9:35 AM Mehta, Shubham
>> mailto:shu...@amazon.com.inva>lid
>> > > >
>> > > > wrote:
>> > > >
>> > > >> Bumping this up for feedback!
>> > > >>
&g
gt; > >>
> > > >>
> > > >> On 2023-03-28, 2:05 PM, "Beck, Vincent" <mailto:vincb...@amazon.com.inva>
> > > >> <mailto:vincb...@amazon.com.inva <mailto:vincb...@amazon.com.inva>>LID>
> wrote:
> > > >>
>>
> > >> CAUTION: This email originated from outside of the organization. Do not
> > >> click links or open attachments unless you can confirm the sender and
> > know
> > >> the content is safe.
> > >>
> > >>
> > >>
> > >>
&g
; >> management". This AIP is a follow-up on a discussion we had in this
> email
> >> list on the multi tenancy topic. I decided to create a new email thread
> >> because I feel the topic had diverged a bit from the original topic
> (multi
> >> tenancy).
> >>
>
;
> >>
> >> As a summary, the purpose of this AIP is to extract the user management
> >> from core Airflow by introducing a user manager interface in the core
> >> Airflow that can be extended by any provider package who want to support
> >
e who want to support
>> user management natively. As a result, if this AIP gets approved and go
>> through, the multi tenancy feature will be implemented as a second step in
>> a new user manager and not in Airflow directly.
>>
>>
>> As always, feel very
support
> user management natively. As a result, if this AIP gets approved and go
> through, the multi tenancy feature will be implemented as a second step in
> a new user manager and not in Airflow directly.
>
>
> As always, feel very free to give your opinion on this email
be implemented as a second step in a new user manager and
not in Airflow directly.
As always, feel very free to give your opinion on this email thread or on the
AIP by adding comments.
References:
- AIP:
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-56+Extensible+user+managem
ce/display/AIRFLOW/AIP-56+Extensible+user+management
- Initial email list discussion:
https://lists.apache.org/thread/lf585xvvxpqtzhfyc6drzrf3rmg37w61
Vincent
37 matches
Mail list logo