You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/12/21 20:47:58 UTC

[jira] [Commented] (NIFI-3247) Remove unnecessary authorization check when creating a Connection

    [ https://issues.apache.org/jira/browse/NIFI-3247?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15768126#comment-15768126 ] 

ASF GitHub Bot commented on NIFI-3247:
--------------------------------------

GitHub user mcgilman opened a pull request:

    https://github.com/apache/nifi/pull/1353

    NIFI-3247: Removing unnecessary authorization check during second phase of connection creation

    NIFI-3247:
    - Removing unnecessary authorization check during second phase of connection creation.
    - Ensuring that the remote group port returns the correct resource type though not super critical since it is not possible to create policies for remote ports.


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/mcgilman/nifi NIFI-3247

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi/pull/1353.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1353
    
----
commit 5b60ca104a121b7f269f0a12f66015ab9a9614fd
Author: Matt Gilman <ma...@gmail.com>
Date:   2016-12-21T20:46:32Z

    NIFI-3247:
    - Removing unnecessary authorization check during second phase of connection creation.
    - Ensuring that the remote group port returns the correct resource type though not super critical since it is not possible to create policies for remote ports.

----


> Remove unnecessary authorization check when creating a Connection
> -----------------------------------------------------------------
>
>                 Key: NIFI-3247
>                 URL: https://issues.apache.org/jira/browse/NIFI-3247
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework
>            Reporter: Matt Gilman
>            Assignee: Matt Gilman
>             Fix For: 1.2.0
>
>
> We are currently performing an extra unnecessary authorization check in the StandardConnectionDAO. The source and destinations were already authorized as part of the phase one (in the two phase commit). The extra check happens to be in phase two and could lead to issues if it fails because a node has reloaded its policies from the configured authorizer.
> This additionally leads to issues when the source or destination component is a port in a RemoteProcessGroup that is self-referencing. This issue caused by NIFI-3155. However, removing the extra checks will resolve this issue NIFI-3155 still needs to be addressed for the reasons described.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)