[
https://issues.apache.org/jira/browse/NIFI-1876?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15404625#comment-15404625
]
ASF GitHub Bot commented on NIFI-1876:
--------------------------------------
Github user JPercivall commented on the issue:
https://github.com/apache/nifi/pull/694
Hey @jtstorck, I just tried testing the latest commit and I don't think
everything was taken into account from the UI perspective with Labels and
Funnels. A couple of things I noticed (in a cluster 2 saying always Yes another
is policy based):
- Without Write permission for a Label, the UI still allows the user to
open the configuration up and attempt to make a change.
- I am able to see a label and it's contents without having the view
permission
- For Funnels (without having Read or Write) I can still attempt to move
it, copy/paste and drag the connections.
> Clustering - Merge all responses based on authorization
> -------------------------------------------------------
>
> Key: NIFI-1876
> URL: https://issues.apache.org/jira/browse/NIFI-1876
> Project: Apache NiFi
> Issue Type: Sub-task
> Components: Core Framework
> Reporter: Matt Gilman
> Assignee: Jeff Storck
> Fix For: 1.0.0
>
>
> Each node in a cluster may have a different view of the authorization access
> policies simply to in the timing of updates. Because of this, all requests
> need to be merged accordingly.
> Requests are directed at a specific resource. These would result in some 403
> responses.
> Some requests are contain a filtered view of a number of resources. These
> would need to be updated to return the most restrictive set of responses.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
