[ https://issues.apache.org/jira/browse/NIFI-3251?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15858484#comment-15858484 ]
ASF subversion and git services commented on NIFI-3251: ------------------------------------------------------- Commit f0c6739a1f826813820b94455039692fd680d654 in nifi's branch refs/heads/master from [~mcgilman] [ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=f0c6739 ] NIFI-3251: - Ensuring read permissions to the ControllerService before attempting to check permissions to parent. This closes #1483 > Users who do not have modify the component access policy for a process group > should not be able to delete components. > --------------------------------------------------------------------------------------------------------------------- > > Key: NIFI-3251 > URL: https://issues.apache.org/jira/browse/NIFI-3251 > Project: Apache NiFi > Issue Type: Improvement > Components: Core UI > Affects Versions: 1.1.0 > Reporter: Matthew Clarke > Assignee: Matt Gilman > Priority: Minor > Fix For: 1.2.0 > > > Users are required to have "modify the component" access policy granted to > them on a process group in which they want to add components to the canvas. > They are not however required to have this access policy in order to remove > components from the canvas. If a user is granted the "modify the component" > access policy on a specific processor, that user can then delete that > processor. The "modify the component" access policy when granted to a > processor should only allow that user to modify the configuration (start, > stop, disable, modify setting/properties). User should still be unable to > delete that processor. -- This message was sent by Atlassian JIRA (v6.3.15#6346)