In order to use Provenance to view details of a flow file, a user must
belong to the 'view the data' policy for a given component(s) along the
flow. For example, the lineage graph will show "UNKNOWN" for any component
which the user does not possess 'view the data'. Not only can the user not
identify which processor this is, but the user cannot view even core
attributes of the flowfile such as flowfile UUID either.
We use a custom authorizer which may restrict a user from 'view the data'
based on certain flowfile attribute(s). This creates a situation where the
NiFi Admins can potentially lose insight to the flow of data through the
system. An Admin can see that a given flowfile traversed X-number of
components, but cannot identify what components they were nor where the
flowfile ultimately was delivered.
It is necessary to maintain the ability to restrict even an Admin from
seeing flowfile content and user-defined attributes. However, it would be
highly desirable for the Admins to be able to view flowfile core attributes
throughout the flow. The information presented on the Details tab of a
Provenance event would suffice.
Can the information on this tab be separated from the 'view the data'
policy? Likely, this means creating a new policy type which does not