From a7fa258ba1c69a18e0f620499625f6026768dc24 Mon Sep 17 00:00:00 2001
From: Vincent <97131062+vincbeck@users.noreply.github.com>
Date: Fri, 9 Feb 2024 17:27:10 -0500
Subject: [PATCH] Fix permission check on DAGs when `access_entity` is specified (#37290)

(cherry picked from commit 2adbe882e68df0e2b1084bc869616bb01e416aa7)
---
 airflow/api_connexion/security.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/airflow/api_connexion/security.py b/airflow/api_connexion/security.py
index 5d179d907ce81..17174636cd601 100644
--- a/airflow/api_connexion/security.py
+++ b/airflow/api_connexion/security.py
@@ -145,10 +145,11 @@ def callback():
 # ``access`` means here:
 # - if a DAG id is provided (``dag_id`` not None): is the user authorized to access this DAG
 # - if no DAG id is provided: is the user authorized to access all DAGs
- if dag_id or access:
+ if dag_id or access or access_entity:
 return access
 
- # No DAG id is provided and the user is not authorized to access all DAGs
+ # No DAG id is provided, the user is not authorized to access all DAGs and authorization is done
+ # on DAG level
 # If method is "GET", return whether the user has read access to any DAGs
 # If method is "PUT", return whether the user has edit access to any DAGs
 return (method == "GET" and any(get_auth_manager().get_permitted_dag_ids(methods=["GET"]))) or (
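Review bot: The new guard `if dag_id or access or access_entity:` in `callback()` decides an authorization outcome on truthiness, while the comment above it defines the DAG-id case as ``dag_id`` not None; an empty-string `dag_id` with no `access_entity` would still reach the any-permitted-DAG fallback below. If callers can never pass an empty id this is harmless, but spelling the intent out as `if dag_id is not None or access or access_entity is not None:` would keep the check and the comment in agreement; confirm against the callers before changing it. The diffstat shows only security.py changed, so nothing in this patch pins the fixed case (no DAG id, `access_entity` set, user permitted on only some DAGs, expected result: denied); a regression test for that case should accompany the fix. `callback()` starts above the hunk and its final `return` continues past it.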