From 5dad650b526374365681d72613a73475cdecf127 Mon Sep 17 00:00:00 2001
From: Ashish Patel <ashishpatel0720@gmail.com>
Date: Sun, 24 Dec 2023 01:38:23 +0530
Subject: [PATCH] Bugfix: Webserver returns 500 for POST requests to
 api/dag/*/dagrun from anonymous user (#36275)

* airflow#36110 -  bugfix

* return type fixed

* airflow#36110 -  bugfix

* airflow#36110 -  fixes

* airflow#36110 -  fixes

* airflow#36110 -  adding test

* airflow#36110 -  adding test

* Fix unit test

* Don't call get_id twice

* Update app configuration after initialization

---------

Co-authored-by: hussein-awala <hussein@awala.fr>
Co-authored-by: Tzu-ping Chung <uranusjr@gmail.com>
(cherry picked from commit 71bc871d35cd3b562a49ce8f209098e2e24c1ef8)
---
 airflow/auth/managers/base_auth_manager.py    |  6 ++++--
 .../endpoints/test_dag_run_endpoint.py        | 20 +++++++++++++++++++
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/airflow/auth/managers/base_auth_manager.py b/airflow/auth/managers/base_auth_manager.py
index f50e40082b9014..f64c803e6a54d1 100644
--- a/airflow/auth/managers/base_auth_manager.py
+++ b/airflow/auth/managers/base_auth_manager.py
@@ -99,13 +99,15 @@ def get_user_display_name(self) -> str:
     def get_user(self) -> BaseUser | None:
         """Return the user associated to the user in session."""
 
-    def get_user_id(self) -> str:
+    def get_user_id(self) -> str | None:
         """Return the user ID associated to the user in session."""
         user = self.get_user()
         if not user:
             self.log.error("Calling 'get_user_id()' but the user is not signed in.")
             raise AirflowException("The user must be signed in.")
-        return str(user.get_id())
+        if user_id := user.get_id():
+            return str(user_id)
+        return None
 
     def init(self) -> None:
         """
diff --git a/tests/api_connexion/endpoints/test_dag_run_endpoint.py b/tests/api_connexion/endpoints/test_dag_run_endpoint.py
index 0a8015df9ddf62..2c4c393dd3022d 100644
--- a/tests/api_connexion/endpoints/test_dag_run_endpoint.py
+++ b/tests/api_connexion/endpoints/test_dag_run_endpoint.py
@@ -1861,3 +1861,23 @@ def test_should_respond_404(self):
             environ_overrides={"REMOTE_USER": "test"},
         )
         assert response.status_code == 404
+
+    @conf_vars(
+        {
+            ("api", "auth_backends"): "airflow.api.auth.backend.default",
+        }
+    )
+    def test_should_respond_200_with_anonymous_user(self, dag_maker, session):
+        from airflow.www import app as application
+
+        app = application.create_app(testing=True)
+        app.config["AUTH_ROLE_PUBLIC"] = "Admin"
+        dag_runs = self._create_test_dag_run(DagRunState.SUCCESS)
+        session.add_all(dag_runs)
+        session.commit()
+        created_dr = dag_runs[0]
+        response = app.test_client().patch(
+            f"api/v1/dags/{created_dr.dag_id}/dagRuns/TEST_DAG_RUN_ID_1/setNote",
+            json={"note": "I am setting a note with anonymous user"},
+        )
+        assert response.status_code == 200