[jira] [Commented] (NIFI-2595) Address Reporting Tasks that create Controller level bulletins

Thu, 18 Aug 2016 11:30:38 -0700 

    [ 
https://issues.apache.org/jira/browse/NIFI-2595?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15426955#comment-15426955
 ] 

ASF GitHub Bot commented on NIFI-2595:
--------------------------------------

GitHub user mcgilman opened a pull request:

    https://github.com/apache/nifi/pull/892

    Updating ReportingTasks to use ComponentLogger instead of creating 
Controller level bulletins

    NIFI-2595:
    - Updating ReportingTasks to use ComponentLogger instead of creating 
Controller level bulletins.
    - Making the bulletin responses consistent in that all bulletins will be 
included but in redacted form as appropriate.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/mcgilman/nifi NIFI-2595

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi/pull/892.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #892
    
----
commit c27b544fc4b60d6e98c1f09a7174e777ceee5827
Author: Matt Gilman <[email protected]>
Date:   2016-08-18T18:28:25Z

    NIFI-2595:
    - Updating ReportingTasks to use ComponentLogger instead of creating 
Controller level bulletins.
    - Making the bulletin responses consistent in that all bulletins will be 
included but in redacted form as appropriate.

----


> Address Reporting Tasks that create Controller level bulletins
> --------------------------------------------------------------
>
>                 Key: NIFI-2595
>                 URL: https://issues.apache.org/jira/browse/NIFI-2595
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Extensions
>            Reporter: Matt Gilman
>            Assignee: Matt Gilman
>            Priority: Critical
>             Fix For: 1.0.0
>
>
> Some Reporting Tasks create bulletins directly through the 
> BulletinRepository. These are scoped to the Controller. Because they are 
> scoped to the Controller, they Bulletins are authorized at the Controller 
> level. If a user does not have access to the Reporting Task but does have 
> access to the Controller, these bulletins will be visible.
> Instead, Reporting Tasks should use the provided ComponentLog to create 
> component level bulletins which will be authorized according to the Reporting 
> Tasks policies.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to