Github user mcgilman commented on a diff in the pull request: https://github.com/apache/nifi/pull/2703#discussion_r194498155 --- Diff: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/controller/ControllerFacade.java --- @@ -1389,104 +1420,119 @@ private ProvenanceEventDTO createProvenanceEventDto(final ProvenanceEventRecord // sets the component details if it can find the component still in the flow setComponentDetails(dto); - // only include all details if not summarizing - if (!summarize) { - // convert the attributes - final Comparator<AttributeDTO> attributeComparator = new Comparator<AttributeDTO>() { - @Override - public int compare(AttributeDTO a1, AttributeDTO a2) { - return Collator.getInstance(Locale.US).compare(a1.getName(), a2.getName()); - } - }; +// try { +// AuthorizationResult result = flowController.checkConnectableAuthorization(event.getComponentId()); + AuthorizationResult result = checkConnectableAuthorization(event.getComponentId()); + if (Result.Denied.equals(result.getResult())) { + dto.setComponentType("Processor"); // is this always a Processor? + dto.setComponentName(dto.getComponentId()); + dto.setEventType("UNKNOWN"); + } - final SortedSet<AttributeDTO> attributes = new TreeSet<>(attributeComparator); +// authorizeData(event); + final AuthorizationResult dataResult = checkAuthorizationForData(event); //(authorizer, RequestAction.READ, user, event.getAttributes()); --- End diff -- We only need to authorize for the data if the event is a non-summary. For instance, when we're pulling back 1000 summaries to load the provenance table we don't need to check any data policies.
---