[
https://issues.apache.org/jira/browse/NIFI-2554?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15421648#comment-15421648
]
ASF GitHub Bot commented on NIFI-2554:
--------------------------------------
Github user asfgit closed the pull request at:
https://github.com/apache/nifi/pull/860
> Components with references to Controller Services should limit configuration
> options based on CS policies
> ---------------------------------------------------------------------------------------------------------
>
> Key: NIFI-2554
> URL: https://issues.apache.org/jira/browse/NIFI-2554
> Project: Apache NiFi
> Issue Type: Bug
> Reporter: Joseph Percivall
> Assignee: Matt Gilman
> Priority: Critical
> Fix For: 1.0.0
>
>
> Take the situation below:
> * InvokeHTTP processor I have view and modify permissions for
> * There are multiple SSL contexts some of which I do not have view or modify
> access to
> * I am able to change the SSL Context Service property of the InvokeHTTP
> processor to use a Controller service I do not have access to
> This should not be allowed. The user should not be able to create references
> to Controller Services they cannot view or modify.
> That said, since the user has the explicit permission to modify the
> processor, the user should be able to keep property referencing a CS they
> can't view/modify if someone else configured it that way.
> The UI will need to be explicit in conveying this to the user since it will
> be a bit complicated (limiting a user's options when configuring a component
> they have full access to)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
