Apply per-file authorization to dag-source endpoint #67662
Open
potiuk wants to merge 2 commits into
A single source file can define multiple Dags. The /dagSources/{dag_id}
endpoint previously returned the file's full source code as soon as the
caller had CODE access to dag_id, even when the caller was not
authorized to read every other Dag defined in the same file.
Apply the same per-file authorization overlay already used by the
import-errors endpoint (apache#65329): enumerate the Dags
sharing the (relative_fileloc, bundle_name) of the requested Dag,
intersect with the caller's readable Dag set, and redact the source
when any co-located Dag is not readable.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Add a Security Model subsection that describes the per-Dag read scope the dag-source retrieval endpoint enforces, and the known limitation around historical-version retrieval: the per-Dag scope is evaluated against the current file membership, which may differ from the file's contents at the time the requested version was stored. Deployments that rely on per-Dag read scoping for source isolation should keep one Dag per source file, or restrict DagAccessEntity.CODE accordingly. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
8b0243a to
bce61c5
This PR applies per-file authorization to the /api/v2/dagSources/{dag_id} endpoint, matching the pattern already in place for the import-errors endpoint in #65329.
The dag-source endpoint currently returns the full source code of the file containing the requested Dag, even when the file co-locates multiple Dags and the caller has read access to only some of them. After this change, the endpoint:
(relative_fileloc, bundle_name) as the requested dag_id,
"REDACTED - you do not have read permission on all Dags in the file" placeholder as import_error.py),
The endpoint's existing DagAccessEntity.CODE dependency check on the requested dag_id is preserved — this change adds a per-file overlay on top.
Test plan
dag_a but no GET access to co-located dag_b receives the redacted placeholder in response.
prek run on touched files green.
mypy clean on the touched file.
Was generative AI tooling used to co-author this PR?
Generated-by: Claude Opus 4.7 (1M context) following the guidelines at https://github.com/apache/airflow/blob/main/contributing-docs/05_pull_requests.rst#gen-ai-assisted-contributions
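The per-file overlay this PR describes, as an added sketch that is not the PR's code or Airflow's API: `DagRow`, `co_located`, `source_for_caller`, the two permission sets and the in-memory sample data are all hypothetical and constructed for illustration. It shows why the file key is the pair (relative_fileloc, bundle_name) and not the path alone.

```python
from dataclasses import dataclass

# Placeholder string quoted in the PR description.
REDACTED = "REDACTED - you do not have read permission on all Dags in the file"

@dataclass(frozen=True)
class DagRow:  # hypothetical stand-in for a stored Dag record
    dag_id: str
    relative_fileloc: str
    bundle_name: str

    @property
    def file_key(self):
        return (self.relative_fileloc, self.bundle_name)

# Constructed sample data: one file defining two Dags, the same relative
# path in a second bundle, and one single-Dag file.
DAGS = [
    DagRow("dag_a", "team/etl.py", "bundle_x"),
    DagRow("dag_b", "team/etl.py", "bundle_x"),
    DagRow("dag_c", "team/etl.py", "bundle_y"),
    DagRow("dag_solo", "solo.py", "bundle_x"),
]
SOURCES = {
    ("team/etl.py", "bundle_x"): "# source defining dag_a and dag_b",
    ("team/etl.py", "bundle_y"): "# source defining dag_c",
    ("solo.py", "bundle_x"): "# source defining dag_solo",
}

def co_located(dags, dag_id):
    """Return (file_key, ids of every Dag stored under that file_key)."""
    target = next((d for d in dags if d.dag_id == dag_id), None)
    if target is None:
        raise LookupError(f"unknown dag_id: {dag_id}")
    key = target.file_key
    return key, {d.dag_id for d in dags if d.file_key == key}

def source_for_caller(dag_id, code_ids, readable_ids, dags=DAGS, sources=SOURCES):
    """Apply the CODE check on dag_id, then the per-file overlay."""
    # Existing check on the requested Dag stays in place (modelled as a set).
    if dag_id not in code_ids:
        raise PermissionError(f"no CODE access to {dag_id}")
    key, siblings = co_located(dags, dag_id)
    # Overlay: every Dag in the file must be readable, else redact the source.
    if not siblings <= readable_ids:
        return REDACTED
    return sources[key]
```

The membership used here is the current one, so the sketch shares the limitation the second commit message documents for historical-version retrieval.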