Github user markobean commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2703#discussion_r192413226
--- Diff:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/controller/ControllerFacade.java
---
@@ -1359,7 +1363,12 @@ public ProvenanceEventDTO getProvenanceEvent(final
Long eventId) {
} else {
dataAuthorizable =
flowController.createLocalDataAuthorizable(event.getComponentId());
}
- dataAuthorizable.authorize(authorizer, RequestAction.READ,
NiFiUserUtils.getNiFiUser(), attributes);
+ // If not authorized for 'view the data', create only
summarized provenance event
--- End diff --
My only concern with the approach you outlined is the additional
authorizations calls to determine "if the user is allowed". What you suggest
requires up to 2 additional authorizations per provenance event. Already on
busy systems, we have observed authorizing the user to each provenance event as
a limiting factor (it can result in provenance becoming unusable).
Having said that, unless you think of another approach which would require
fewer authorizations calls, I'll proceed as you recommend. I suspect there may
be a future JIRA ticket to address the provenance query/authorization impact
anyhow; if so, this can be addressed at that time. We won't know for sure if
this is a problem until we get the current fix into an appropriately loaded
test environment.
---
