gresockj commented on a change in pull request #5072:
URL: https://github.com/apache/nifi/pull/5072#discussion_r632768725
##########
File path:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ParameterContextResource.java
##########
@@ -147,7 +147,10 @@ private void authorizeReadParameterContext(final String
parameterContextId) {
@ApiResponse(code = 404, message = "The specified resource could not
be found."),
@ApiResponse(code = 409, message = "The request was valid but NiFi was
not in the appropriate state to process it. Retrying the same request later may
be successful.")
})
- public Response getParameterContext(@ApiParam("The ID of the Parameter
Context") @PathParam("id") final String parameterContextId) {
+ public Response getParameterContext(@ApiParam("The ID of the Parameter
Context") @PathParam("id") final String parameterContextId,
+ @ApiParam("Whether or not to include
inherited parameters from other parameter contexts, and therefore also
overridden values. " +
+ "If true, the result will be
the 'effective' parameter context.") @QueryParam("includeInheritedParameters")
+ @DefaultValue("false") final boolean
includeInheritedParameters) {
// authorize access
authorizeReadParameterContext(parameterContextId);
Review comment:
Good question.. the current authorization code is not conditional on
includeInheritedParameters (it always requires the user to have read access to
all inherited param contexts), but I can see how that could be nonintuitive.
Perhaps it's better to err on the side of more restrictive, though? Any strong
opinion on this?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
