[ https://issues.apache.org/jira/browse/NIFI-4907?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16508510#comment-16508510 ]
ASF GitHub Bot commented on NIFI-4907: -------------------------------------- Github user mcgilman commented on a diff in the pull request: https://github.com/apache/nifi/pull/2703#discussion_r194499578 --- Diff: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/controller/ControllerFacade.java --- @@ -1389,104 +1420,119 @@ private ProvenanceEventDTO createProvenanceEventDto(final ProvenanceEventRecord // sets the component details if it can find the component still in the flow setComponentDetails(dto); - // only include all details if not summarizing - if (!summarize) { - // convert the attributes - final Comparator<AttributeDTO> attributeComparator = new Comparator<AttributeDTO>() { - @Override - public int compare(AttributeDTO a1, AttributeDTO a2) { - return Collator.getInstance(Locale.US).compare(a1.getName(), a2.getName()); - } - }; +// try { +// AuthorizationResult result = flowController.checkConnectableAuthorization(event.getComponentId()); + AuthorizationResult result = checkConnectableAuthorization(event.getComponentId()); + if (Result.Denied.equals(result.getResult())) { + dto.setComponentType("Processor"); // is this always a Processor? + dto.setComponentName(dto.getComponentId()); + dto.setEventType("UNKNOWN"); + } - final SortedSet<AttributeDTO> attributes = new TreeSet<>(attributeComparator); +// authorizeData(event); + final AuthorizationResult dataResult = checkAuthorizationForData(event); //(authorizer, RequestAction.READ, user, event.getAttributes()); - final Map<String, String> updatedAttrs = event.getUpdatedAttributes(); - final Map<String, String> previousAttrs = event.getPreviousAttributes(); + // only include all details if not summarizing and approved + if (!summarize && Result.Approved.equals(dataResult.getResult())) { --- End diff -- If the user is not authorized for the data of a component we should still be able to return a non-summary. In this case, we should just be leaving out any of the data fields in the ProvenanceEventDto. I would consider these fields data fields as they are associated with either attributes, content, or replay (all of which requires data policies to execute). ``` private Collection<AttributeDTO> attributes; private Boolean contentEqual; private Boolean inputContentAvailable; private String inputContentClaimSection; private String inputContentClaimContainer; private String inputContentClaimIdentifier; private Long inputContentClaimOffset; private String inputContentClaimFileSize; private Long inputContentClaimFileSizeBytes; private Boolean outputContentAvailable; private String outputContentClaimSection; private String outputContentClaimContainer; private String outputContentClaimIdentifier; private Long outputContentClaimOffset; private String outputContentClaimFileSize; private Long outputContentClaimFileSizeBytes; private Boolean replayAvailable; private String replayExplanation; private String sourceConnectionIdentifier; ``` > Provenance authorization refactoring > ------------------------------------ > > Key: NIFI-4907 > URL: https://issues.apache.org/jira/browse/NIFI-4907 > Project: Apache NiFi > Issue Type: Bug > Components: Core Framework > Affects Versions: 1.5.0 > Reporter: Mark Bean > Assignee: Mark Bean > Priority: Major > > Currently, the 'view the data' component policy is too tightly coupled with > Provenance queries. The 'query provenance' policy should be the only policy > required for viewing Provenance query results. Both 'view the component' and > 'view the data' policies should be used to refine the appropriate visibility > of event details - but not the event itself. > 1) Component Visibility > The authorization of Provenance events is inconsistent with the behavior of > the graph. For example, if a user does not have 'view the component' policy, > the graph shows this component as a "black box" (no details such as name, > UUID, etc.) However, when querying Provenance, this component will show up > including the Component Type and the Component Name. This is in effect a > violation of the policy. These component details should be obscured in the > Provenance event displayed if user does not have the appropriate 'view the > component' policy. > 2) Data Visibility > For a Provenance query, all events should be visible as long as the user > performing the query belongs to the 'query provenance' global policy. As > mentioned above, some information about the component may be obscured > depending on 'view the component' policy, but the event itself should be > visible. Additionally, details of the event (clicking the View Details "i" > icon) should only be accessible if the user belongs to the 'view the data' > policy for the affected component. If the user is not in the appropriate > 'view the data' policy, a popup warning should be displayed indicating the > reason details are not visible with more specific detail than the current > "Contact the system administrator". > 3) Lineage Graphs > As with the Provenance table view recommendation above, the lineage graph > should display all events. Currently, if the lineage graph includes an event > belonging to a component which the user does not have 'view the data', it is > shown on the graph as "UNKNOWN". As with Data Visibility mentioned above, the > graph should indicate the event type as long as the user is in the 'view the > component'. Subsequent "View Details" on the event should only be visible if > the user is in the 'view the data' policy. > In summary, for Provenance query results and lineage graphs, all events > should be shown. Component Name and Component Type information should be > conditionally visible depending on the corresponding component policy 'view > the component' policy. Event details including Provenance event type and > FlowFile information should be conditionally available depending on the > corresponding component policy 'view the data'. Inability to display event > details should provide feedback to the user indicating the reason. -- This message was sent by Atlassian JIRA (v7.6.3#76005)