Joseph Percivall created NIFI-2554:
--------------------------------------
Summary: Components with references to Controller Services should
limit configuration options based on CS policies
Key: NIFI-2554
URL: https://issues.apache.org/jira/browse/NIFI-2554
Project: Apache NiFi
Issue Type: Bug
Reporter: Joseph Percivall
Priority: Critical
Fix For: 1.0.0
Take the situation below:
* InvokeHTTP processor I have view and modify permissions for
* There are multiple SSL contexts some of which I do not have view or modify
access to
* I am able to change the SSL Context Service property of the InvokeHTTP
processor to use a Controller service I do not have access to
This should not be allowed. The user should not be able to create references to
Controller Services they cannot view or modify.
That said, since the user has the explicit permission to modify the processor,
the user should be able to keep property referencing a CS they can't
view/modify if someone else configured it that way.
The UI will need to be explicit in conveying this to the user since it will be
a bit complicated (limiting a user's options when configuring a component they
have full access to)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
