diff --git a/airflow/api_connexion/security.py b/airflow/api_connexion/security.py index 660bc6cce2370..c6474fd60074f 100644 --- a/airflow/api_connexion/security.py +++ b/airflow/api_connexion/security.py @@ -16,9 +16,8 @@ # under the License. from __future__ import annotations -import warnings from functools import wraps -from typing import TYPE_CHECKING, Callable, Sequence, TypeVar, cast +from typing import TYPE_CHECKING, Callable, TypeVar, cast from flask import Response, g @@ -33,7 +32,6 @@ PoolDetails, VariableDetails, ) -from airflow.exceptions import RemovedInAirflow3Warning from airflow.utils.airflow_flask_app import get_airflow_app from airflow.www.extensions.init_auth_manager import get_auth_manager @@ -60,27 +58,6 @@ def check_authentication() -> None: raise Unauthenticated(headers=response.headers) -def requires_access(permissions: Sequence[tuple[str, str]] | None = None) -> Callable[[T], T]: - """ - Check current user's permissions against required permissions. - - Deprecated. Do not use this decorator, use one of the decorator `has_access_*` defined in - airflow/api_connexion/security.py instead. - This decorator will only work with FAB authentication and not with other auth providers. - - This decorator might be used in user plugins, do not remove it. - """ - warnings.warn( - "The 'requires_access' decorator is deprecated. Please use one of the decorator `requires_access_*`" - "defined in airflow/api_connexion/security.py instead.", - RemovedInAirflow3Warning, - stacklevel=2, - ) - from airflow.providers.fab.auth_manager.decorators.auth import _requires_access_fab - - return _requires_access_fab(permissions) - - def _requires_access(*, is_authorized_callback: Callable[[], bool], func: Callable, args, kwargs) -> bool: """ Define the behavior whether the user is authorized to access the resource. diff --git a/airflow/www/auth.py b/airflow/www/auth.py index f3f36e05e346b..47a06f52e94bc 100644 --- a/airflow/www/auth.py +++ b/airflow/www/auth.py @@ -18,7 +18,6 @@ import functools import logging -import warnings from functools import wraps from typing import TYPE_CHECKING, Callable, Sequence, TypeVar, cast @@ -39,7 +38,6 @@ VariableDetails, ) from airflow.configuration import conf -from airflow.exceptions import RemovedInAirflow3Warning from airflow.utils.net import get_hostname from airflow.www.extensions.init_auth_manager import get_auth_manager @@ -64,28 +62,6 @@ def get_access_denied_message(): return conf.get("webserver", "access_denied_message") -def has_access(permissions: Sequence[tuple[str, str]] | None = None) -> Callable[[T], T]: - """ - Check current user's permissions against required permissions. - - Deprecated. Do not use this decorator, use one of the decorator `has_access_*` defined in - airflow/www/auth.py instead. - This decorator will only work with FAB authentication and not with other auth providers. - - This decorator is widely used in user plugins, do not remove it. See - https://github.com/apache/airflow/pull/33213#discussion_r1346287224 - """ - warnings.warn( - "The 'has_access' decorator is deprecated. Please use one of the decorator `has_access_*`" - "defined in airflow/www/auth.py instead.", - RemovedInAirflow3Warning, - stacklevel=2, - ) - from airflow.providers.fab.auth_manager.decorators.auth import _has_access_fab - - return _has_access_fab(permissions) - - def has_access_with_pk(f): """ Check permissions on views. diff --git a/airflow/www/utils.py b/airflow/www/utils.py index 37c559055886f..f64c2e7fe8ae5 100644 --- a/airflow/www/utils.py +++ b/airflow/www/utils.py @@ -39,7 +39,6 @@ from sqlalchemy import delete, func, select, types from sqlalchemy.ext.associationproxy import AssociationProxy -from airflow.exceptions import RemovedInAirflow3Warning from airflow.models.dagrun import DagRun from airflow.models.dagwarning import DagWarning from airflow.models.errors import ParseImportError @@ -217,34 +216,6 @@ def check_dag_warnings(dag_id, session): flash(dag_warning.message, "warning") -def get_sensitive_variables_fields(): - import warnings - - from airflow.utils.log.secrets_masker import get_sensitive_variables_fields - - warnings.warn( - "This function is deprecated. Please use " - "`airflow.utils.log.secrets_masker.get_sensitive_variables_fields`", - RemovedInAirflow3Warning, - stacklevel=2, - ) - return get_sensitive_variables_fields() - - -def should_hide_value_for_key(key_name): - import warnings - - from airflow.utils.log.secrets_masker import should_hide_value_for_key - - warnings.warn( - "This function is deprecated. Please use " - "`airflow.utils.log.secrets_masker.should_hide_value_for_key`", - RemovedInAirflow3Warning, - stacklevel=2, - ) - return should_hide_value_for_key(key_name) - - def get_params(**kwargs): """Return URL-encoded params.""" return urlencode({d: v for d, v in kwargs.items() if v is not None}, True) diff --git a/newsfragments/41738.significant.rst b/newsfragments/41738.significant.rst new file mode 100644 index 0000000000000..428a723fac608 --- /dev/null +++ b/newsfragments/41738.significant.rst @@ -0,0 +1,5 @@ +Removed deprecated method ``has_access`` from ``airflow.www.auth``. Please use ``has_access_*`` instead. + +Removed deprecated method ``requires_access`` from ``airflow.api_connexion.security``. Please use ``requires_access_*`` instead. + +Removed deprecated method ``get_sensitive_variables_fields`` and ``should_hide_value_for_key`` from ``airflow.www.utils``. Please use ``airflow.utils.log.secrets_masker.get_sensitive_variables_fields`` and ``airflow.utils.log.secrets_masker.should_hide_value_for_key`` instead. diff --git a/tests/www/test_auth.py b/tests/www/test_auth.py index 513c8ac2cb067..613812968d27f 100644 --- a/tests/www/test_auth.py +++ b/tests/www/test_auth.py @@ -23,24 +23,13 @@ import airflow.www.auth as auth from airflow.auth.managers.models.resource_details import DagAccessEntity -from airflow.exceptions import RemovedInAirflow3Warning from airflow.models import Connection, Pool, Variable -from airflow.www.auth import has_access mock_call = Mock() pytestmark = pytest.mark.skip_if_database_isolation_mode -class TestHasAccessDecorator: - def test_has_access_decorator_raises_deprecation_warning(self): - with pytest.warns(RemovedInAirflow3Warning): - - @has_access - def test_function(): - pass - - @pytest.mark.parametrize( "decorator_name, is_authorized_method_name", [ diff --git a/tests/www/test_utils.py b/tests/www/test_utils.py index f7470c8c68832..ea7aa6b96faef 100644 --- a/tests/www/test_utils.py +++ b/tests/www/test_utils.py @@ -358,38 +358,6 @@ def test_json_f_webencoder(self): assert formatter(dagrun) == expected_markup -@pytest.mark.filterwarnings("ignore::DeprecationWarning") -def test_get_sensitive_variables_fields(): - with pytest.warns(DeprecationWarning) as warning: - result = utils.get_sensitive_variables_fields() - - # assert deprecation warning - assert len(warning) == 1 - assert "This function is deprecated." in str(warning[-1].message) - - from airflow.utils.log.secrets_masker import get_sensitive_variables_fields - - expected_result = get_sensitive_variables_fields() - assert result == expected_result - - -@pytest.mark.filterwarnings("ignore::DeprecationWarning") -def test_should_hide_value_for_key(): - key_name = "key" - - with pytest.warns(DeprecationWarning) as warning: - result = utils.should_hide_value_for_key(key_name) - - # assert deprecation warning - assert len(warning) == 1 - assert "This function is deprecated." in str(warning[-1].message) - - from airflow.utils.log.secrets_masker import should_hide_value_for_key - - expected_result = should_hide_value_for_key(key_name) - assert result == expected_result - - class TestWrappedMarkdown: def test_wrapped_markdown_with_docstring_curly_braces(self): rendered = wrapped_markdown("{braces}", css_class="a_class")