[
https://issues.apache.org/jira/browse/NIFI-2696?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15446852#comment-15446852
]
Jeff Storck commented on NIFI-2696:
-----------------------------------
I meant the component type, processor/process group/controller service/etc. and
the ID, but nothing more specific than that.
This JIRA is a dupe of NIFI-2695, and is closed. Should we move these comments
to the other JIRA?
> Access Denied messages should include more information
> ------------------------------------------------------
>
> Key: NIFI-2696
> URL: https://issues.apache.org/jira/browse/NIFI-2696
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, Core UI
> Reporter: Jeff Storck
> Priority: Minor
> Fix For: 1.1.0
>
>
> Access Denied errors should provide more information than just the statement
> that access has been denied. At a minimum, the component types and IDs for
> which access was denied should be provided in the message.
> For example, if the user is attempting to create a template that includes a
> child process group that has a controller service for which the user does not
> have read access, the request to create the template will be denied, and the
> user will be informed that it was denied. While this is correct, the user
> (and perhaps the admin) does not have a clear indication of which component
> involved in the request caused the request to be denied.
> If the component types and IDs are shown in the error message (and logs), the
> user (and admin) have direct information to use to solve any policy changes
> that might need to be made to allow the user's request to complete
> successfully.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
