You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/01/05 21:28:58 UTC
[jira] [Commented] (NIFI-3251) Users who do not have modify the
component access policy for a process group should not be able to delete
components.
[ https://issues.apache.org/jira/browse/NIFI-3251?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15802573#comment-15802573 ]
ASF GitHub Bot commented on NIFI-3251:
--------------------------------------
GitHub user mcgilman opened a pull request:
https://github.com/apache/nifi/pull/1399
NIFI-3251: Updating authorization requirements for removing components
- Requiring WRITE permissions to the parent resource when attempting to remove a component.
- Updating expired certificates in the REST API integration tests.
NOTE: There are a couple places (templates and access policies) where the UI does not know if the user will have all required permissions ahead of time. I updated the UI where these details are known but think it makes sense to add these changes and update the remaining places one those details are available. The behavior now will simply provide a dialog indicating that the user does not have permissions to perform the desired action.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/mcgilman/nifi NIFI-3251
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/nifi/pull/1399.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1399
----
commit b406a6f8db405162d9f8de41fcf7d252ec142418
Author: Matt Gilman <ma...@gmail.com>
Date: 2017-01-05T21:21:50Z
NIFI-3251:
- Requiring WRITE permissions to the parent resource when attempting to remove a component.
- Updating expired certificates in the REST API integration tests.
----
> Users who do not have modify the component access policy for a process group should not be able to delete components.
> ---------------------------------------------------------------------------------------------------------------------
>
> Key: NIFI-3251
> URL: https://issues.apache.org/jira/browse/NIFI-3251
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core UI
> Affects Versions: 1.1.0
> Reporter: Matthew Clarke
> Assignee: Matt Gilman
> Priority: Minor
>
> Users are required to have "modify the component" access policy granted to them on a process group in which they want to add components to the canvas. They are not however required to have this access policy in order to remove components from the canvas. If a user is granted the "modify the component" access policy on a specific processor, that user can then delete that processor. The "modify the component" access policy when granted to a processor should only allow that user to modify the configuration (start, stop, disable, modify setting/properties). User should still be unable to delete that processor.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)