[
https://issues.apache.org/jira/browse/NIFI-3251?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15858484#comment-15858484
]
ASF subversion and git services commented on NIFI-3251:
-------------------------------------------------------
Commit f0c6739a1f826813820b94455039692fd680d654 in nifi's branch
refs/heads/master from [~mcgilman]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=f0c6739 ]
NIFI-3251:
- Ensuring read permissions to the ControllerService before attempting to check
permissions to parent.
This closes #1483
> Users who do not have modify the component access policy for a process group
> should not be able to delete components.
> ---------------------------------------------------------------------------------------------------------------------
>
> Key: NIFI-3251
> URL: https://issues.apache.org/jira/browse/NIFI-3251
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core UI
> Affects Versions: 1.1.0
> Reporter: Matthew Clarke
> Assignee: Matt Gilman
> Priority: Minor
> Fix For: 1.2.0
>
>
> Users are required to have "modify the component" access policy granted to
> them on a process group in which they want to add components to the canvas.
> They are not however required to have this access policy in order to remove
> components from the canvas. If a user is granted the "modify the component"
> access policy on a specific processor, that user can then delete that
> processor. The "modify the component" access policy when granted to a
> processor should only allow that user to modify the configuration (start,
> stop, disable, modify setting/properties). User should still be unable to
> delete that processor.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
