[jira] [Commented] (NIFI-3247) Remove unnecessary authorization check when creating a Connection

Wed, 21 Dec 2016 12:48:11 -0800 

    [ 
https://issues.apache.org/jira/browse/NIFI-3247?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15768126#comment-15768126
 ] 

ASF GitHub Bot commented on NIFI-3247:
--------------------------------------

GitHub user mcgilman opened a pull request:

    https://github.com/apache/nifi/pull/1353

    NIFI-3247: Removing unnecessary authorization check during second phase of 
connection creation

    NIFI-3247:
    - Removing unnecessary authorization check during second phase of 
connection creation.
    - Ensuring that the remote group port returns the correct resource type 
though not super critical since it is not possible to create policies for 
remote ports.


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/mcgilman/nifi NIFI-3247

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi/pull/1353.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1353
    
----
commit 5b60ca104a121b7f269f0a12f66015ab9a9614fd
Author: Matt Gilman <[email protected]>
Date:   2016-12-21T20:46:32Z

    NIFI-3247:
    - Removing unnecessary authorization check during second phase of 
connection creation.
    - Ensuring that the remote group port returns the correct resource type 
though not super critical since it is not possible to create policies for 
remote ports.

----


> Remove unnecessary authorization check when creating a Connection
> -----------------------------------------------------------------
>
>                 Key: NIFI-3247
>                 URL: https://issues.apache.org/jira/browse/NIFI-3247
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework
>            Reporter: Matt Gilman
>            Assignee: Matt Gilman
>             Fix For: 1.2.0
>
>
> We are currently performing an extra unnecessary authorization check in the 
> StandardConnectionDAO. The source and destinations were already authorized as 
> part of the phase one (in the two phase commit). The extra check happens to 
> be in phase two and could lead to issues if it fails because a node has 
> reloaded its policies from the configured authorizer.
> This additionally leads to issues when the source or destination component is 
> a port in a RemoteProcessGroup that is self-referencing. This issue caused by 
> NIFI-3155. However, removing the extra checks will resolve this issue 
> NIFI-3155 still needs to be addressed for the reasons described.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to