diff --git a/airflow/security/permissions.py b/airflow/security/permissions.py index b83342341c600..983ebbd7f48ef 100644 --- a/airflow/security/permissions.py +++ b/airflow/security/permissions.py @@ -39,6 +39,13 @@ RESOURCE_VARIABLE = "Variables" RESOURCE_WEBSITE = "Website" RESOURCE_XCOM = "XComs" +RESOURCE_USERINFO_EDIT_VIEW = "UserInfoEditView" +RESOURCE_RESET_MY_PASSWORD_VIEW = "ResetMyPasswordView" +RESOURCE_USER_DB_MODELVIEW = "UserDBModelView" +RESOURCE_USER_OID_MODELVIEW = "UserOIDModelView" +RESOURCE_USER_LDAP_MODELVIEW = "UserLDAPModelView" +RESOURCE_USER_OAUTH_MODELVIEW = "UserOAuthModelView" +RESOURCE_USER_REMOTEUSER_MODELVIEW = "UserRemoteUserModelView" # Action Constants ACTION_CAN_CREATE = "can_create" @@ -46,5 +53,10 @@ ACTION_CAN_EDIT = "can_edit" ACTION_CAN_DELETE = "can_delete" ACTION_CAN_ACCESS_MENU = "menu_access" +ACTION_CAN_THIS_FORM_GET = "can_this_form_get" +ACTION_CAN_THIS_FORM_POST = "can_this_form_post" +ACTION_RESETMYPASSWORD = "resetmypassword" +ACTION_CAN_USERINFO = "can_userinfo" +ACTION_USERINFOEDIT = "userinfoedit" DEPRECATED_ACTION_CAN_DAG_READ = "can_dag_read" DEPRECATED_ACTION_CAN_DAG_EDIT = "can_dag_edit" diff --git a/airflow/www/security.py b/airflow/www/security.py index 601423e82ea2a..8f574506d00f0 100644 --- a/airflow/www/security.py +++ b/airflow/www/security.py @@ -74,6 +74,17 @@ class AirflowSecurityManager(SecurityManager, LoggingMixin): (permissions.ACTION_CAN_ACCESS_MENU, permissions.RESOURCE_PLUGIN), (permissions.ACTION_CAN_ACCESS_MENU, permissions.RESOURCE_SLA_MISS), (permissions.ACTION_CAN_ACCESS_MENU, permissions.RESOURCE_TASK_INSTANCE), + (permissions.ACTION_CAN_THIS_FORM_GET, permissions.RESOURCE_RESET_MY_PASSWORD_VIEW), + (permissions.ACTION_CAN_THIS_FORM_POST, permissions.RESOURCE_RESET_MY_PASSWORD_VIEW), + (permissions.ACTION_RESETMYPASSWORD, permissions.RESOURCE_USER_DB_MODELVIEW), + (permissions.ACTION_CAN_THIS_FORM_GET, permissions.RESOURCE_USERINFO_EDIT_VIEW), + (permissions.ACTION_CAN_THIS_FORM_POST, permissions.RESOURCE_USERINFO_EDIT_VIEW), + (permissions.ACTION_USERINFOEDIT, permissions.RESOURCE_USER_DB_MODELVIEW), + (permissions.ACTION_CAN_USERINFO, permissions.RESOURCE_USER_DB_MODELVIEW), + (permissions.ACTION_CAN_USERINFO, permissions.RESOURCE_USER_OID_MODELVIEW), + (permissions.ACTION_CAN_USERINFO, permissions.RESOURCE_USER_LDAP_MODELVIEW), + (permissions.ACTION_CAN_USERINFO, permissions.RESOURCE_USER_OAUTH_MODELVIEW), + (permissions.ACTION_CAN_USERINFO, permissions.RESOURCE_USER_REMOTEUSER_MODELVIEW), ] # [END security_viewer_perms]