Joseph Witt updated NIFI-2695:
    Fix Version/s:     (was: 1.1.0)

> Access Denied messages should include more information
> ------------------------------------------------------
>                 Key: NIFI-2695
>                 URL: https://issues.apache.org/jira/browse/NIFI-2695
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework, Core UI
>            Reporter: Jeff Storck
>            Priority: Minor
>             Fix For: 1.2.0
> Access Denied errors should provide more information than just the statement 
> that access has been denied.  At a minimum, the component types (controller 
> service, processor, process group, etc) and IDs for which access was denied 
> should be provided in the message.
> For example, if the user is attempting to create a template that includes a 
> child process group that has a controller service for which the user does not 
> have read access, the request to create the template will be denied, and the 
> user will be informed that it was denied.  While this is correct, the user 
> (and perhaps the admin) does not have a clear indication of which component 
> involved in the request caused the request to be denied.
> If the component types and IDs (ie "Process Group 123456789") are shown in 
> the error message (and logs), the user (and admin) have direct information to 
> use to solve any policy changes that might need to be made to allow the 
> user's request to complete successfully.

This message was sent by Atlassian JIRA

Reply via email to