[AIRFLOW-3103][AIRFLOW-3147] Update flask-appbuilder (#3937)

apache · Jan 9, 2019 · 7d87437 · 7d87437
1 parent 37851e9
commit 7d87437
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 6 deletions.
diff --git a/UPDATING.md b/UPDATING.md
@@ -106,6 +106,22 @@ If you want to use LDAP auth backend without TLS then you will habe to create a
 custom-auth backend based on
 https://github.com/apache/airflow/blob/1.10.0/airflow/contrib/auth/backends/ldap_auth.py
 
+### Custom auth backends interface change
+
+We have updated the version of flask-login we depend upon, and as a result any
+custom auth backends might need a small change: `is_active`,
+`is_authenticated`, and `is_anonymous` should now be properties. What this means is if
+previously you had this in your user class
+
+    def is_active(self):
+      return self.active
+
+then you need to change it like this
+
+    @property
+    def is_active(self):
+      return self.active
+
 ## Airflow 1.10
 
 Installation and upgrading requires setting `SLUGIFY_USES_TEXT_UNIDECODE=yes` in your environment or

diff --git a/airflow/www_rbac/security.py b/airflow/www_rbac/security.py
@@ -195,7 +195,7 @@ def get_user_roles(self, user=None):
         """
         if user is None:
             user = g.user
-        if user.is_anonymous():
+        if user.is_anonymous:
             public_role = appbuilder.config.get('AUTH_ROLE_PUBLIC')
             return [appbuilder.security_manager.find_role(public_role)] \
                 if public_role else []
@@ -221,7 +221,7 @@ def get_accessible_dag_ids(self, username=None):
         if not username:
             username = g.user
 
-        if username.is_anonymous() or 'Public' in username.roles:
+        if username.is_anonymous or 'Public' in username.roles:
             # return an empty list if the role is public
             return set()
 
@@ -245,7 +245,7 @@ def has_access(self, permission, view_name, user=None):
         """
         if not user:
             user = g.user
-        if user.is_anonymous():
+        if user.is_anonymous:
             return self.is_item_public(permission, view_name)
         return self._has_view_access(user, permission, view_name)
 

diff --git a/tests/www_rbac/test_security.py b/tests/www_rbac/test_security.py
@@ -109,7 +109,7 @@ def test_init_role_modelview(self):
 
     def test_get_user_roles(self):
         user = mock.MagicMock()
-        user.is_anonymous.return_value = False
+        user.is_anonymous = False
         roles = self.appbuilder.sm.find_role('Admin')
         user.roles = roles
         self.assertEqual(self.security_manager.get_user_roles(user), roles)
@@ -144,7 +144,7 @@ def test_get_accessible_dag_ids(self, mock_get_user_roles,
         self.security_manager.init_role(role_name, role_vms, role_perms)
         role = self.security_manager.find_role(role_name)
         user.roles = [role]
-        user.is_anonymous.return_value = False
+        user.is_anonymous = False
         mock_get_all_permissions_views.return_value = {('can_dag_read', 'dag_id')}
 
         mock_get_user_roles.return_value = [role]
@@ -154,7 +154,7 @@ def test_get_accessible_dag_ids(self, mock_get_user_roles,
     @mock.patch('airflow.www_rbac.security.AirflowSecurityManager._has_view_access')
     def test_has_access(self, mock_has_view_access):
         user = mock.MagicMock()
-        user.is_anonymous.return_value = False
+        user.is_anonymous = False
         mock_has_view_access.return_value = True
         self.assertTrue(self.security_manager.has_access('perm', 'view', user))