check whether AUTH_ROLE_PUBLIC is set in check_authentication #39012

Merged
merged 2 commits into from
Apr 15, 2024

Conversation

Lee-W
Member

@Lee-W Lee-W commented Apr 15, 2024

Closes: #38900

Why

Currently, some of the web UI uses API endpoints to grep data, e.g., the following ones

This is because check_authentication blocks users without authentication. But when AUTH_ROLE_PUBLIC is set, it's possible that the public user has permission to do certain operations (including viewing those pages).

What

This PR checks whether AUTH_ROLE_PUBLIC is set. If so, it assumes it as a valid user. If the AUTH_ROLE_PUBLIC role does not have proper permission, the authorization step will still block the request.

@Lee-W Lee-W requested a review from jhtimmins as a code owner April 15, 2024 01:45
@Lee-W Lee-W added the full tests needed We need to run full set of tests for this PR to merge label Apr 15, 2024
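The two-step flow described in the PR description above, as an added Python example that is not code from this PR or from Airflow. It is a simplified model: only `check_authentication` and `AUTH_ROLE_PUBLIC` are names from the page, while the role table, the permission tuples, the `handle` helper and the 403 status for an authorization failure are assumptions made for illustration.

```python
# Added illustration: a simplified model, not Airflow's or the FAB provider's code.
from dataclasses import dataclass
from typing import Optional

# Constructed role -> permission table; role and permission names are hypothetical.
ROLE_PERMISSIONS = {
    "Viewer": {("GET", "dags")},
    "Admin": {("GET", "dags"), ("DELETE", "dags")},
    "Public": set(),
}


class Unauthenticated(Exception):
    status = 401


class PermissionDenied(Exception):
    status = 403  # assumed status for the authorization failure in this model


@dataclass(frozen=True)
class User:
    name: str
    role: str


def check_authentication(session_user: Optional[User], auth_role_public: Optional[str]) -> User:
    """Authentication step: who is making the request?"""
    if session_user is not None:
        return session_user
    if auth_role_public:
        # The behaviour the PR describes: with AUTH_ROLE_PUBLIC set, the
        # anonymous caller is accepted as a valid user holding that role.
        return User("anonymous", auth_role_public)
    raise Unauthenticated("no credentials and no public role configured")


def check_authorization(user: User, method: str, resource: str) -> None:
    """Authorization step: still runs for the public user and can still block."""
    if (method, resource) not in ROLE_PERMISSIONS.get(user.role, set()):
        raise PermissionDenied(f"role {user.role!r} lacks {method} on {resource}")


def handle(session_user, auth_role_public, method, resource) -> int:
    """Return the HTTP status an endpoint guarded by both steps would give."""
    try:
        user = check_authentication(session_user, auth_role_public)
        check_authorization(user, method, resource)
    except (Unauthenticated, PermissionDenied) as exc:
        return exc.status
    return 200
```

In this model, setting the public role to "Admin" lets a request with no credentials pass both steps, so the permissions of the configured role are the only remaining control.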
@Lee-W
Member Author

Lee-W commented Apr 15, 2024

It was initially #38924 but reverted to #39009 due to an issue found.

@Lee-W Lee-W closed this Apr 15, 2024
@Lee-W Lee-W reopened this Apr 15, 2024
@eladkal eladkal added this to the Airflow 2.9.1 milestone Apr 15, 2024
@eladkal eladkal added the type:bug-fix Changelog: Bug Fixes label Apr 15, 2024
@vincbeck vincbeck merged commit 21f08dd into apache:main Apr 15, 2024
69 checks passed
@Lee-W Lee-W deleted the fix-AUTH_ROLE_PUBLIC branch April 16, 2024 00:25
jedcunningham pushed a commit that referenced this pull request Apr 26, 2024
Labels
area:API Airflow's REST/HTTP API area:providers full tests needed We need to run full set of tests for this PR to merge provider:fab type:bug-fix Changelog: Bug Fixes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

401 UNAUTHORIZED when using AUTH_ROLE_PUBLIC = "Admin"
4 participants