Github user mcgilman commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2703#discussion_r194498155
--- Diff:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/controller/ControllerFacade.java
---
@@ -1389,104 +1420,119 @@ private ProvenanceEventDTO
createProvenanceEventDto(final ProvenanceEventRecord
// sets the component details if it can find the component still
in the flow
setComponentDetails(dto);
- // only include all details if not summarizing
- if (!summarize) {
- // convert the attributes
- final Comparator<AttributeDTO> attributeComparator = new
Comparator<AttributeDTO>() {
- @Override
- public int compare(AttributeDTO a1, AttributeDTO a2) {
- return
Collator.getInstance(Locale.US).compare(a1.getName(), a2.getName());
- }
- };
+// try {
+// AuthorizationResult result =
flowController.checkConnectableAuthorization(event.getComponentId());
+ AuthorizationResult result =
checkConnectableAuthorization(event.getComponentId());
+ if (Result.Denied.equals(result.getResult())) {
+ dto.setComponentType("Processor"); // is this always a
Processor?
+ dto.setComponentName(dto.getComponentId());
+ dto.setEventType("UNKNOWN");
+ }
- final SortedSet<AttributeDTO> attributes = new
TreeSet<>(attributeComparator);
+// authorizeData(event);
+ final AuthorizationResult dataResult =
checkAuthorizationForData(event); //(authorizer, RequestAction.READ, user,
event.getAttributes());
--- End diff --
We only need to authorize for the data if the event is a non-summary. For
instance, when we're pulling back 1000 summaries to load the provenance table
we don't need to check any data policies.
---
