-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reuse DataTransferAuthorizable in DataTransferResource #971
Conversation
- Re-using the DataTransferAuthorizable in the DataTransferResource. - Removing use of the DataTransferResource when obtaining site to site details as it performs additional unnecessary checks. - Code clean up.
Reviewing. |
Accessibility test of NiFi.Q based on Policies on NiFi.PNiFi.Q (RPG) <--pulls data from-- NiFi.P (output-port) I've done following test with output port. I did the same test for input port, too, got the same behavior. 'retrieve site-to-site details' policy
'send data via site-to-site' policy
ResultConfirmed that this PR relaxes SiteToSiteResource authorization check, and addresses policy setting issue reported by NIFI-2550. By doing step, 4 and 5, I noticed there's a difference on the UI in terms of how NiFi UI reports auth error to end user. I will submit another JIRA for this. Evidences:
NiFi.P's log
NiFi.Q's log
[7]
|
@mcgilman Thanks for the fix. I've reviewed the code and did a test described above comment. This PR works as expected. +1 for the change However, I couldn't test a situation that multiple user identities being authorized as a chain. Which doesn't happen with 1.0.0 so far, since data transfer is a direct Peer to Peer communication. |
Submitted another issue which was found while testing this PR. NIFI-2718: HTTP Site-to-Site doesn't report port auth failure well, compared to RAW |
Thanks @ijokarumawak. I've merged this into master following your +1. |
- Re-using the DataTransferAuthorizable in the DataTransferResource. - Removing use of the DataTransferResource when obtaining site to site details as it performs additional unnecessary checks. - Code clean up. - This closes apache#971.
NIFI-2704: