Posted to issues@nifi.apache.org by markobean <gi...@git.apache.org> on 2018/06/01 14:27:11 UTC

[GitHub] nifi pull request #2703: NIFI-4907: add 'view provenance' component policy

Github user markobean commented on a diff in the pull request:

    https://github.com/apache/nifi/pull/2703#discussion_r192413226
  
    --- Diff: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/controller/ControllerFacade.java ---
    @@ -1359,7 +1363,12 @@ public ProvenanceEventDTO getProvenanceEvent(final Long eventId) {
                 } else {
                     dataAuthorizable = flowController.createLocalDataAuthorizable(event.getComponentId());
                 }
    -            dataAuthorizable.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser(), attributes);
    +            // If not authorized for 'view the data', create only summarized provenance event
    --- End diff --
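
Review bot: Dropping the unconditional `dataAuthorizable.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser(), attributes)` call in `getProvenanceEvent` removes the only access check visible in this branch, and the excerpt shows just the new comment, not the code that replaces it. The fallback that comment describes should still fail closed: check the 'view provenance' policy before building even a summarized event, and make sure the summarized `ProvenanceEventDTO` carries no attributes or content details for a user who lacks 'view the data'. A test with a user who holds neither policy would confirm that no event is returned in that case.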
    
    My only concern with the approach you outlined is the additional authorization calls to determine "if the user is allowed". What you suggest requires up to 2 additional authorizations per provenance event. Already on busy systems, we have observed authorizing the user to each provenance event as a limiting factor (it can result in provenance becoming unusable).
    Having said that, unless you think of another approach which would require fewer authorization calls, I'll proceed as you recommend. I suspect there may be a future JIRA ticket to address the provenance query/authorization impact anyhow; if so, this can be addressed at that time. We won't know for sure if this is a problem until we get the current fix into an appropriately loaded test environment.


---