apache · hussein-awala · Sep 15, 2023 · Sep 13, 2023 · Sep 13, 2023 · Sep 13, 2023
@@ -18,17 +18,19 @@
 
 from typing import TYPE_CHECKING
 
+from flask import g
 from sqlalchemy import select
 
 from airflow.api_connexion import security
+from airflow.api_connexion.exceptions import PermissionDenied
 from airflow.api_connexion.parameters import apply_sorting, check_limit, format_parameters
 from airflow.api_connexion.schemas.dag_warning_schema import (
     DagWarningCollection,
     dag_warning_collection_schema,
 )
 from airflow.models.dagwarning import DagWarning as DagWarningModel
 from airflow.security import permissions
-from airflow.utils.db import get_query_count
+from airflow.utils.airflow_flask_app import get_airflow_app
 from airflow.utils.session import NEW_SESSION, provide_session
 
 if TYPE_CHECKING:
@@ -57,12 +59,20 @@ def get_dag_warnings(
     allowed_filter_attrs = ["dag_id", "warning_type", "message", "timestamp"]
     query = select(DagWarningModel)
     if dag_id:
+        if not get_airflow_app().appbuilder.sm.can_read_dag(dag_id, g.user):
+            raise PermissionDenied(detail=f"User not allowed to access this DAG: {dag_id}")
         query = query.where(DagWarningModel.dag_id == dag_id)
     if warning_type:
         query = query.where(DagWarningModel.warning_type == warning_type)
-    total_entries = get_query_count(query, session=session)
     query = apply_sorting(query=query, order_by=order_by, allowed_attrs=allowed_filter_attrs)
     dag_warnings = session.scalars(query.offset(offset).limit(limit)).all()
+    if not dag_id:
+        dag_warnings = [
+            dag_warning
+            for dag_warning in dag_warnings
+            if get_airflow_app().appbuilder.sm.can_read_dag(dag_warning.dag_id, g.user)
+        ]
+    total_entries = len(dag_warnings)
     return dag_warning_collection_schema.dump(
         DagWarningCollection(dag_warnings=dag_warnings, total_entries=total_entries)
     )