thenatog commented on a change in pull request #4342:
URL: https://github.com/apache/nifi/pull/4342#discussion_r441826353
##########
File path:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java
##########
@@ -592,6 +605,12 @@ public Response createUiExtensionToken(@Context
HttpServletRequest httpServletRe
throw new AccessDeniedException("No user authenticated in the
request.");
}
+ // authorize access
+ serviceFacade.authorizeAccess(lookup -> {
+ final Authorizable controller = lookup.getController();
+ controller.authorize(authorizer, RequestAction.READ,
NiFiUserUtils.getNiFiUser());
Review comment:
In retrospect I'm not sure this is the best way to handle authorizing
this request. I will close this PR for now.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
