NIFI-6644 - Consider param context permissions when deciding to allow property conversion to parameter.

NIFI-6644 - when deciding to show the convert prop option: enforce user has read and write permissions to the param context & the props are not for a controller service defined in the controller settings.

This closes #3713

nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/jquery/propertytable/jquery.propertytable.js

@@ -1363,14 +1363,16 @@
             }
 
             if (options.readOnly !== true) {
-                var canModifyParamContexts = nfCommon.canModifyParameterContexts();
-                var paramContextIsSet = false;
-                if (_.isFunction(options.getParameterContextId)) {
-                    paramContextIsSet = !_.isNil(options.getParameterContextId(groupId));
+                var canConvertPropertyToParam = false;
+                if (_.isFunction(options.getParameterContext)) {
+                    var paramContext = options.getParameterContext(groupId);
+                    var canWriteParamContext = _.get(paramContext, 'permissions.canWrite', false);
+                    var canReadParamContext = _.get(paramContext, 'permissions.canRead', false);
+                    canConvertPropertyToParam = canWriteParamContext && canReadParamContext;
                 }
                 var referencesParam = referencesParameter(dataContext.value);
 
-                if (canModifyParamContexts && paramContextIsSet && !referencesParam && !identifiesControllerService) {
+                if (canConvertPropertyToParam && !referencesParam && !identifiesControllerService) {
                     markup += '<div title="Convert to parameter" class="convert-to-parameter pointer fa fa-level-up"></div>';
                 }
 
@@ -1571,16 +1573,20 @@
                         }
                     }
                 } else if (target.hasClass('convert-to-parameter')) {
-                    var parameterContextId;
-                    if (_.isFunction(options.getParameterContextId)) {
-                        parameterContextId = options.getParameterContextId(groupId);
+                    var parameterContext;
+                    var canConvertPropertyToParam = false;
+                    if (_.isFunction(options.getParameterContext)) {
+                        parameterContext = options.getParameterContext(groupId);
+                        var canWriteParamContext = _.get(parameterContext, 'permissions.canWrite', false);
+                        var canReadParamContext = _.get(parameterContext, 'permissions.canRead', false);
+                        canConvertPropertyToParam = canWriteParamContext && canReadParamContext;
                     }
 
-                    if (options.readOnly !== true && !_.isNil(parameterContextId)) {
+                    if (options.readOnly !== true && canConvertPropertyToParam) {
                         var descriptors = table.data('descriptors');
                         var propertyDescriptor = descriptors[property.property];
 
-                        nfParameterContexts.convertPropertyToParameter(property, propertyDescriptor, parameterContextId)
+                        nfParameterContexts.convertPropertyToParameter(property, propertyDescriptor, parameterContext.id)
                             .done(function (parameter) {
                                 var updatedItem = _.extend({}, property, {
                                     previousValue: property.value,

nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-controller-service.js

@@ -1876,10 +1876,14 @@
                     goToServiceDeferred: function () {
                         return goToServiceFromProperty(serviceTable);
                     },
-                    getParameterContextId: function (groupId) {
+                    getParameterContext: function (groupId) {
+                        if (_.isNil(controllerServiceEntity.parentGroupId)) {
+                            return null;
+                        }
+
                         var parameterContext;
 
-                        // attempt to identify the parameter context id, conditional based on whether
+                        // attempt to identify the parameter context, conditional based on whether
                         // the user is configuring the current process group
                         if (_.isNil(groupId) || groupId === nfCanvasUtils.getGroupId()) {
                             parameterContext = nfCanvasUtils.getParameterContext();
@@ -1888,7 +1892,7 @@
                             parameterContext = parentProcessGroup.parameterContext;
                         }
 
-                        return nfCommon.isDefinedAndNotNull(parameterContext) ? parameterContext.id : null;
+                        return parameterContext;
                     }
                 });
 

nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-processor-configuration.js

@@ -660,10 +660,9 @@
                     }).promise();
                 },
                 goToServiceDeferred: goToServiceFromProperty,
-                getParameterContextId: function (groupId) {
+                getParameterContext: function (groupId) {
                     // processors being configured must be in the current group
-                    var parameterContext = nfCanvasUtils.getParameterContext();
-                    return nfCommon.isDefinedAndNotNull(parameterContext) ? parameterContext.id : null;
+                    return nfCanvasUtils.getParameterContext();
                 }
             });
         },