mcgilman commented on a change in pull request #5072: URL: https://github.com/apache/nifi/pull/5072#discussion_r632759213
########## File path: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ParameterContextResource.java ########## @@ -147,7 +147,10 @@ private void authorizeReadParameterContext(final String parameterContextId) { @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") }) - public Response getParameterContext(@ApiParam("The ID of the Parameter Context") @PathParam("id") final String parameterContextId) { + public Response getParameterContext(@ApiParam("The ID of the Parameter Context") @PathParam("id") final String parameterContextId, + @ApiParam("Whether or not to include inherited parameters from other parameter contexts, and therefore also overridden values. " + + "If true, the result will be the 'effective' parameter context.") @QueryParam("includeInheritedParameters") + @DefaultValue("false") final boolean includeInheritedParameters) { // authorize access authorizeReadParameterContext(parameterContextId); Review comment: When `includeInheritedParameters` is true, should we be verifying that the current user has permissions to every inherited parameter context? Is this a behavior we want to be conditional? Or once a Parameter Context has included inherited Parameter Contexts and it becomes unauthorized for some user without permissions to every inherited Parameter Context should we always prevent access to the requested Parameter Context regardless of the value of `includeInheritedParameters`? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org