airflow-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Deng Xiaodong <>
Subject Re: [VOTE] Airflow 1.10.2rc3
Date Mon, 21 Jan 2019 05:49:49 GMT
Hi Kaxil,

A potential bug found in 1.10.2rc3.

# Potential Bug:

Viewer Role can't access pages to which it has permissions

# How to Reproduce:

- Under RBAC UI, create a user with "Viewer" role. Then use this
account to log in.
- You will be able to access the main page. However, you will not be
able to access any page of a specific DAG, including Tree, Graph View,
Gantt, Code View, Landing Time, etc. Literally all the pages of a
specific DAG. However, in the Role specs, View role has permissions to
all these pages.

- After clicking, users are redirected to the main page directly,
without any explicit warning/error message like "Access Denied".

# Remarks:

- I have compared the default permissions which are granted to Viewer
role between 1.10.0 and 1.10.2rc3. They are all the same.
- In 1.10.0, Viewer role can access all these pages without any issue.
- Seems this issue only exists for Viewer role.

Please let me know if you can reproduce this issue.

Please consider this as my -1 (non-binding) as well.



On Sat, Jan 19, 2019 at 22:06 Kaxil Naik <> wrote:

> Hey all,
> I have cut Airflow 1.10.2 RC3. This email is calling a vote on the release,
> which will last for 72 hours. Consider this my (binding) +1.
> Airflow 1.10.2 RC3 is available at:
> *apache-airflow-1.10.2rc3-source.tar.gz* is a source release that comes
> with INSTALL instructions.
> *apache-airflow-1.10.2rc3-bin.tar.gz* is the binary Python "sdist" release.
> Public keys are available at:
> Only votes from PMC members are binding, but members of the community are
> encouraged to test the release and vote with "(non-binding)".
> Please note that the version number excludes the `rcX` string, so it's now
> simply 1.10.2. This will allow us to rename the artifact without modifying
> the artifact checksums when we actually release.
> Changes since 1.10.2rc2:
> *Bugs*:
> [AIRFLOW-3732] Fix issue when trying to edit connection in RBAC UI
> [AIRFLOW-2866] Fix missing CSRF token head when using RBAC UI (#3804)
> [AIRFLOW-3259] Fix internal server error when displaying charts (#4114)
> [AIRFLOW-3271] Fix issue with persistence of RBAC Permissions modified via
> UI (#4118)
> [AIRFLOW-3141] Handle duration View for missing dag (#3984)
> [AIRFLOW-2766] Respect shared datetime across tabs
> [AIRFLOW-1413] Fix FTPSensor failing on error message with unexpected
> (#2450)
> [AIRFLOW-3378] KubernetesPodOperator does not delete on timeout failure
> (#4218)
> [AIRFLOW-3245] Fix list processing in resolve_template_files (#4086)
> [AIRFLOW-2703] Catch transient DB exceptions from scheduler's heartbeat it
> does not crash (#3650)
> [AIRFLOW-1298] Clear UPSTREAM_FAILED using the clean cli (#3886)
> *Improvements*:
> [AIRFLOW-3302] Small CSS fixes (#4140)
> [Airflow-2766] Respect shared datetime across tabs
> [AIRFLOW-2776] Compress tree view JSON
> [AIRFLOW-2407] Use feature detection for reload() (#3298)
> [AIRFLOW-3452] Removed an unused/dangerous display-none (#4295)
> [AIRFLOW-3348] Update run statistics on dag refresh (#4197)
> [AIRFLOW-3125] Monitor Task Instances creation rates (#3966)
> *New features*:
> [AIRFLOW-2874] Enables FAB's theme support (#3719)
> [AIRFLOW-3336] Add new TriggerRule for 0 upstream failures (#4182)
> *Doc-only Change*:
> [AIRFLOW-XXX] Fix BashOperator Docstring (#4052)
> [AIRFLOW-3018] Fix Minor issues in Documentation
> [AIRFLOW-XXX] Fix Minor issues with Azure Cosmos Operator (#4289)
> [AIRFLOW-3382] Fix incorrect docstring in DatastoreHook (#4222)
> [AIRFLOW-XXX] Fix copy&paste mistake (#4212)
> [AIRFLOW-3260] Correct misleading BigQuery error (#4098)
> [AIRFLOW-XXX] Fix Typo in SFTPOperator docstring (#4016)
> [AIRFLOW-XXX] Fixing the issue in Documentation (#3998)
> [AIRFLOW-XXX] Fix undocumented params in S3_hook
> [AIRFLOW-XXX] Fix SlackWebhookOperator execute method comment (#3963)
> [AIRFLOW-3070] Refine web UI authentication-related docs (#3863)
> Regards,
> *Kaxil Naik*

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message