Airflow currently provides only an /admin UI interface for the webapp. This UI provides three distinct roles:
- Data profiler
In addition, Airflow currently provides the ability to log in, either via a secure proxy front-end, or via LDAP/Kerberos, within the webapp.
We run Airflow with LDAP authentication enabled. This helps us control access to the UI. However, there is insufficient granularity within the UI. We would like to be able to grant users the ability to:
- View their DAGs, but no one else's.
- Control their DAGs, but no one else's.
This is not possible right now. You can take away the ability to access the connections and data profiling tabs, but users can still see all DAGs, as well as control the state of the DB by clearing any DAG status, etc.
The authentication capabilities in the RBAC design proposal introduces a significant amount of work that is otherwise already built-in in existing frameworks.
Per community discussion, Flask-AppBuilder (FAB) is the best fit for Airflow as a foundation to implementing RBAC. This will support integration with different authentication backends out-of-the-box, and generate permissions for views and ORM models that will simplify view-level and dag-level access control.
This implies modifying the current flask views, and deprecating the current Flask-Admin in favor of FAB's crud.