[
https://issues.apache.org/jira/browse/NIFI-13057?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17837801#comment-17837801
]
Joe Witt commented on NIFI-13057:
---------------------------------
[~dstiegli1] Reading the description this sounds like it is working as it
should. The 'empty string' is a valid input or in general is a valid input
(obviously a non empty string validator would change that). But when it comes
to sensitive values once they're entered (even if that is an empty string) this
is still an entry and we're showing that it is set but as always with sensitive
we're not showing what it is set to. Given that it is required you can never
unset the value. You can only change it.
With that in mind what are you proposing?
> When a property is both required and sensitive, setting it blank does not
> remove the "Sensitive value set" message.
> -------------------------------------------------------------------------------------------------------------------
>
> Key: NIFI-13057
> URL: https://issues.apache.org/jira/browse/NIFI-13057
> Project: Apache NiFi
> Issue Type: Bug
> Reporter: Daniel Stieglitz
> Priority: Major
> Attachments: image-2024-04-16-13-13-24-650.png
>
>
> When testing [NIIFI-12960|https://issues.apache.org/jira/browse/NIFI-12960],
> I noticed when a property had the combination
> {code:java}
> .required(true)
> .sensitive(true)
> {code}
> and after a user entered a value and then attempts to remove the value it
> does not work and the message "Sensitive value set" still remains in the text
> box. This is even when the user checks the "Set empty string" checkbox.
> Attached is a screenshot of a DecryptContent processor after an attempt to
> remove the set password.
> !image-2024-04-16-13-13-24-650.png!
> The combination
> {code:java}
> .required(true)
> .sensitive(true)
> {code}
> is prevalent in the code base. I found it ~40 times in the following files.
> # QueryAirtableTable
> # StandardAsanaClientProviderService
> # ClientSideEncryptionSupport
> # AzureStorageUtils
> # StandardKustoIngestService
> # AbstractAzureLogAnalyticsReportingTask
> # DecryptContent
> # DecryptContentAge
> # DecryptContentCompatibility
> # EncryptContentAge
> # VerifyContentMAC
> # StandardDropboxCredentialService
> # AbstractEmailProcessor
> # GhostFlowRegistryClient
> # GhostControllerService
> # GhostFlowAnalysisRule
> # GhostParameterProvider
> # GhostProcessor
> # GhostReportingTask
> # Neo4JCypherClientService
> # GetHubSpot
> # AbstractIoTDB
> # StandardPGPPrivateKeyService
> # GetShopify
> # ListenSlack
> # ConsumeSlack
> # PublishSlack
> # SlackRecordSink
> # BasicProperties
> # V3SecurityProperties
> # ConsumeTwitter
> # OnePasswordParameterProvider
> # KerberosPasswordUserService
> # StandardOauth2AccessTokenProvider
> # GetWorkdayReport
> # ZendeskProperties
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
