Github user mcgilman commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2703#discussion_r192493550
--- Diff:
nifi-nar-bundles/nifi-provenance-repository-bundle/nifi-persistent-provenance-repository/src/main/java/org/apache/nifi/provenance/WriteAheadProvenanceRepository.java
---
@@ -226,12 +226,7 @@ private void authorize(final ProvenanceEventRecord
event, final NiFiUser user) {
return;
}
- final Authorizable eventAuthorizable;
- if (event.isRemotePortType()) {
- eventAuthorizable =
resourceFactory.createRemoteDataAuthorizable(event.getComponentId());
- } else {
- eventAuthorizable =
resourceFactory.createLocalDataAuthorizable(event.getComponentId());
- }
+ final Authorizable eventAuthorizable =
resourceFactory.createProvenanceDataAuthorizable(event.getComponentId());
eventAuthorizable.authorize(authorizer, RequestAction.READ, user,
event.getAttributes());
--- End diff --
I don't think the attributes are necessary here. I'm pretty sure the event
attributes would be necessary for authorizing access to attributes/content.
---
