airflow-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Luangsay Sourygna <>
Subject How to handle Group filtering in RBAC?
Date Tue, 31 Jul 2018 10:18:18 GMT
Hi all,

I've just tested the last version of Aiflow with the new RBAC feature. It
looks great.

However, I miss the possibility to do "Group filtering".

That is: I only want users to be able to auto register if they belong to a
specific (ldap) group.

I have been able to add this feature by modifying a bit the code:

[root@18bc31801cc3 airflow]# diff


<     def auth_ldap_group_field(self):

<         return self.appbuilder.get_app.config['AUTH_LDAP_GROUP_FIELD']


<     @property

<     def auth_ldap_allowed_group_auto_registration_field(self):

<         return


<     @property


<                              self.auth_ldap_group_field,


<                         if not
self.auth_ldap_allowed_group_auto_registration_field in

<                             log.warning(username + " cannot auto register
because it does not belong to the group " +

<                             return None

However, before proposing to push this upstream, I would like to know if
some of you have some better ideas about how to handle this group problem?

What is more, in my changes I modify Flask and not Airflow, so maybe I
should look at another way to solve my requirement.



  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message