Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Could not get DAG access permission after upgrade to 2.3.0
See original GitHub issueApache Airflow version
2.3.0 (latest released)
What happened
I upgraded my airflow instance from version 2.1.3 to 2.3.0 but got issue that there are no permission for new DAGs. The issue only happens in DAG which has dag_id contains dot symbol.
What you think should happen instead
There should be 3 new permissions for a DAG.
How to reproduce
- Create a new DAG with id, lets say:
dag.id_1 - Go to the UI -> Security -> List Role
- Edit any Role
- Try to insert permissions of new DAG above to chosen role.
-> Could not get any permission for created DAG above.
There are 3 DAG permissions named
can_read_DAG:dag,can_edit_DAG:dag,can_delete_DAG:dagThere should be 3 new permissions:can_read_DAG:dag.id_1,can_edit_DAG:dag.id_1,can_delete_DAG:dag.id_1
Operating System
Kubernetes
Versions of Apache Airflow Providers
No response
Deployment
Official Apache Airflow Helm Chart
Deployment details
No response
Anything else
No response
Are you willing to submit PR?
- Yes I am willing to submit a PR!
Code of Conduct
- I agree to follow this project’s Code of Conduct
Issue Analytics
- State:
- Created a year ago
- Comments:6 (5 by maintainers)
Top Results From Across the Web
Access Control — Airflow Documentation
DAG Level Role¶ ... Admin can create a set of roles which are only allowed to view a certain set of dags. This...
Read more >Apache Airflow - Browse /2.3.0 at SourceForge.net
Programmatically author, schedule, and monitor workflows.
Read more >apache-airflow@2.0.0 - Snyk Vulnerability Database
This does not include vulnerabilities belonging to this package's dependencies. ... to create Dag Runs for dags that they don't have "edit" permissions...
Read more >Apache Airflow : List of security vulnerabilities - CVE Details
# CVE ID CWE ID Vulnerability Type(s) Publish Date Update Date Score Gaine...
1 CVE‑2022‑45402 601 2022‑11‑15 2022‑11‑17 0.0 None
2 CVE‑2022‑43985 601 2022‑11‑02 2022‑11‑03...
Read more >Airflow standalone sqlite3 Integrity Error - Stack Overflow
I'm trying to run airflow standalone after following these ... WARNI [airflow.models.crypto] empty cryptography key - values will not be ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
It would have the same problem with dots, but rather than a database level trigger you could use the
access_controlfield of the DAG set automatically via a https://airflow.apache.org/docs/apache-airflow/stable/concepts/cluster-policies.htmlActually, I wrote a trigger script at database level which assigns DAG permissions for target role based on
team_namepattern in DAG id that i mentioned above. Of course my scripts could not works since there is no new DAG id followed by that convention inab_view_menutable. And i also can not do it in UI as mentioned in the issue description.By the way, i also added a pattern to the issue that there’s DAG permissions which have wrong dag_id in theirs name. Please check again. I think Airflow tried to create dag permission but got issue with dot symbol in dag_id.