Github user mcgilman commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2703#discussion_r194499578
--- Diff:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/controller/ControllerFacade.java
---
@@ -1389,104 +1420,119 @@ private ProvenanceEventDTO
createProvenanceEventDto(final ProvenanceEventRecord
// sets the component details if it can find the component still
in the flow
setComponentDetails(dto);
- // only include all details if not summarizing
- if (!summarize) {
- // convert the attributes
- final Comparator<AttributeDTO> attributeComparator = new
Comparator<AttributeDTO>() {
- @Override
- public int compare(AttributeDTO a1, AttributeDTO a2) {
- return
Collator.getInstance(Locale.US).compare(a1.getName(), a2.getName());
- }
- };
+// try {
+// AuthorizationResult result =
flowController.checkConnectableAuthorization(event.getComponentId());
+ AuthorizationResult result =
checkConnectableAuthorization(event.getComponentId());
+ if (Result.Denied.equals(result.getResult())) {
+ dto.setComponentType("Processor"); // is this always a
Processor?
+ dto.setComponentName(dto.getComponentId());
+ dto.setEventType("UNKNOWN");
+ }
- final SortedSet<AttributeDTO> attributes = new
TreeSet<>(attributeComparator);
+// authorizeData(event);
+ final AuthorizationResult dataResult =
checkAuthorizationForData(event); //(authorizer, RequestAction.READ, user,
event.getAttributes());
- final Map<String, String> updatedAttrs =
event.getUpdatedAttributes();
- final Map<String, String> previousAttrs =
event.getPreviousAttributes();
+ // only include all details if not summarizing and approved
+ if (!summarize &&
Result.Approved.equals(dataResult.getResult())) {
--- End diff --
If the user is not authorized for the data of a component we should still
be able to return a non-summary. In this case, we should just be leaving out
any of the data fields in the ProvenanceEventDto. I would consider these fields
data fields as they are associated with either attributes, content, or replay
(all of which requires data policies to execute).
```
private Collection<AttributeDTO> attributes;
private Boolean contentEqual;
private Boolean inputContentAvailable;
private String inputContentClaimSection;
private String inputContentClaimContainer;
private String inputContentClaimIdentifier;
private Long inputContentClaimOffset;
private String inputContentClaimFileSize;
private Long inputContentClaimFileSizeBytes;
private Boolean outputContentAvailable;
private String outputContentClaimSection;
private String outputContentClaimContainer;
private String outputContentClaimIdentifier;
private Long outputContentClaimOffset;
private String outputContentClaimFileSize;
private Long outputContentClaimFileSizeBytes;
private Boolean replayAvailable;
private String replayExplanation;
private String sourceConnectionIdentifier;
```
---
