Joseph Percivall created NIFI-3047:
--------------------------------------
Summary: Viewing Provenance in an unsecure instance shouldn't
check if the component exists
Key: NIFI-3047
URL: https://issues.apache.org/jira/browse/NIFI-3047
Project: Apache NiFi
Issue Type: Bug
Affects Versions: 1.0.0
Reporter: Joseph Percivall
Priority: Minor
When viewing provenance, the instance checks if the component exists on the
graph in order to check if the user accessing provenance has the proper rights
to view provenance for that component. If the component doesn't exist then it
doesn't return any events (since it can't tell whether or not the user would
have access to the provenance information). This decision to not show events
for deleted components makes sense when the instance is secure but if it isn't
secured then it doesn't.
In an unsecure instance, all provenance events that exist in the repo should be
query-able regardless whether the component exists on the graph.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
