joewitt commented on code in PR #8853:
URL: https://github.com/apache/nifi/pull/8853#discussion_r1614859942
##########
nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java:
##########
@@ -4116,7 +4117,16 @@ private List<ThreadDumpDTO> createThreadDumpDtos(final
ProcessorNode procNode) {
return threadDumps;
}
- /**
+ // Pattern to match a parameter reference i.e. "#{anything}"
+ private static final Pattern PARAMETER_REFERENCE =
Pattern.compile("^#\\{.*}$");
Review Comment:
Yeah these are a couple good questions that came to mind for me as well. My
opinion, and i'm curious what others would say, is that
1. Yes it should match an existing parameter for us to reflect that
parameter name as the value in the case of a sensitive field whose value is a
parameter. I'm thinking we should be able to know they selected a parameter
by more than simply matching the string but i'm not positive about that.
2. If the user in question does not have read access to the associated
parameter then they should not get to know that parameter is in use for a
sensitive field.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
