From 742da0582bece3be34a3a61251a60ed6e3d37289 Mon Sep 17 00:00:00 2001 From: Vincent <97131062+vincbeck@users.noreply.github.com> Date: Mon, 11 Dec 2023 14:12:20 -0500 Subject: [PATCH] Remove `is_authorized_cluster_activity` from auth manager --- airflow/auth/managers/base_auth_manager.py | 14 -------------- .../amazon/aws/auth_manager/aws_auth_manager.py | 3 --- .../providers/fab/auth_manager/fab_auth_manager.py | 3 --- airflow/www/auth.py | 4 ---- airflow/www/views.py | 4 ++-- tests/auth/managers/test_base_auth_manager.py | 3 --- .../fab/auth_manager/test_fab_auth_manager.py | 2 -- tests/www/test_auth.py | 1 - 8 files changed, 2 insertions(+), 32 deletions(-) diff --git a/airflow/auth/managers/base_auth_manager.py b/airflow/auth/managers/base_auth_manager.py index f50e40082b901..fb57c984d5b29 100644 --- a/airflow/auth/managers/base_auth_manager.py +++ b/airflow/auth/managers/base_auth_manager.py @@ -134,20 +134,6 @@ def is_authorized_configuration( :param user: the user to perform the action on. If not provided (or None), it uses the current user """ - @abstractmethod - def is_authorized_cluster_activity( - self, - *, - method: ResourceMethod, - user: BaseUser | None = None, - ) -> bool: - """ - Return whether the user is authorized to perform a given action on the cluster activity. - - :param method: the method to perform - :param user: the user to perform the action on. If not provided (or None), it uses the current user - """ - @abstractmethod def is_authorized_connection( self, diff --git a/airflow/providers/amazon/aws/auth_manager/aws_auth_manager.py b/airflow/providers/amazon/aws/auth_manager/aws_auth_manager.py index 99b6d4f70c560..20234f5f2b027 100644 --- a/airflow/providers/amazon/aws/auth_manager/aws_auth_manager.py +++ b/airflow/providers/amazon/aws/auth_manager/aws_auth_manager.py @@ -99,9 +99,6 @@ def is_authorized_configuration( entity_id=config_section, ) - def is_authorized_cluster_activity(self, *, method: ResourceMethod, user: BaseUser | None = None) -> bool: - return self.is_logged_in() - def is_authorized_connection( self, *, diff --git a/airflow/providers/fab/auth_manager/fab_auth_manager.py b/airflow/providers/fab/auth_manager/fab_auth_manager.py index cc9c590db45c4..3f160da49708e 100644 --- a/airflow/providers/fab/auth_manager/fab_auth_manager.py +++ b/airflow/providers/fab/auth_manager/fab_auth_manager.py @@ -193,9 +193,6 @@ def is_authorized_configuration( ) -> bool: return self._is_authorized(method=method, resource_type=RESOURCE_CONFIG, user=user) - def is_authorized_cluster_activity(self, *, method: ResourceMethod, user: BaseUser | None = None) -> bool: - return self._is_authorized(method=method, resource_type=RESOURCE_CLUSTER_ACTIVITY, user=user) - def is_authorized_connection( self, *, diff --git a/airflow/www/auth.py b/airflow/www/auth.py index 8519fc8153d74..5aaf5913dba65 100644 --- a/airflow/www/auth.py +++ b/airflow/www/auth.py @@ -182,10 +182,6 @@ def _has_access(*, is_authorized: bool, func: Callable, args, kwargs): return redirect(get_auth_manager().get_url_login(next=request.url)) -def has_access_cluster_activity(method: ResourceMethod) -> Callable[[T], T]: - return _has_access_no_details(lambda: get_auth_manager().is_authorized_cluster_activity(method=method)) - - def has_access_configuration(method: ResourceMethod) -> Callable[[T], T]: return _has_access_no_details(lambda: get_auth_manager().is_authorized_configuration(method=method)) diff --git a/airflow/www/views.py b/airflow/www/views.py index f51fbb9e79c93..8fef6aea588a1 100644 --- a/airflow/www/views.py +++ b/airflow/www/views.py @@ -1055,7 +1055,7 @@ def datasets(self): ) @expose("/cluster_activity") - @auth.has_access_cluster_activity("GET") + @auth.has_access_view(AccessView.CLUSTER_ACTIVITY) def cluster_activity(self): """Cluster Activity view.""" state_color_mapping = State.state_color.copy() @@ -3556,7 +3556,7 @@ def grid_data(self): ) @expose("/object/historical_metrics_data") - @auth.has_access_cluster_activity("GET") + @auth.has_access_view(AccessView.CLUSTER_ACTIVITY) def historical_metrics_data(self): """Return cluster activity historical metrics.""" start_date = _safe_parse_datetime(request.args.get("start_date")) diff --git a/tests/auth/managers/test_base_auth_manager.py b/tests/auth/managers/test_base_auth_manager.py index 832ae50d2ad94..6655c0113285e 100644 --- a/tests/auth/managers/test_base_auth_manager.py +++ b/tests/auth/managers/test_base_auth_manager.py @@ -57,9 +57,6 @@ def is_authorized_configuration( ) -> bool: raise NotImplementedError() - def is_authorized_cluster_activity(self, *, method: ResourceMethod, user: BaseUser | None = None) -> bool: - raise NotImplementedError() - def is_authorized_connection( self, *, diff --git a/tests/providers/fab/auth_manager/test_fab_auth_manager.py b/tests/providers/fab/auth_manager/test_fab_auth_manager.py index 12aaeb0488d3c..e4c574553656b 100644 --- a/tests/providers/fab/auth_manager/test_fab_auth_manager.py +++ b/tests/providers/fab/auth_manager/test_fab_auth_manager.py @@ -34,7 +34,6 @@ ACTION_CAN_DELETE, ACTION_CAN_EDIT, ACTION_CAN_READ, - RESOURCE_CLUSTER_ACTIVITY, RESOURCE_CONFIG, RESOURCE_CONNECTION, RESOURCE_DAG, @@ -52,7 +51,6 @@ IS_AUTHORIZED_METHODS_SIMPLE = { "is_authorized_configuration": RESOURCE_CONFIG, - "is_authorized_cluster_activity": RESOURCE_CLUSTER_ACTIVITY, "is_authorized_connection": RESOURCE_CONNECTION, "is_authorized_dataset": RESOURCE_DATASET, "is_authorized_variable": RESOURCE_VARIABLE, diff --git a/tests/www/test_auth.py b/tests/www/test_auth.py index a85fa9803dad6..bd2e963f86ebe 100644 --- a/tests/www/test_auth.py +++ b/tests/www/test_auth.py @@ -45,7 +45,6 @@ def test_function(): @pytest.mark.parametrize( "decorator_name, is_authorized_method_name", [ - ("has_access_cluster_activity", "is_authorized_cluster_activity"), ("has_access_configuration", "is_authorized_configuration"), ("has_access_dataset", "is_authorized_dataset"), ("has_access_view", "is_authorized_view"),