[jira] [Resolved] (NIFI-12472) NiFi Registry Client requires that users have view on "Access the controller".

Mon, 05 Jan 2026 02:38:42 -0800 


     [ 
https://issues.apache.org/jira/browse/NIFI-12472?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pierre Villard resolved NIFI-12472.
-----------------------------------
    Resolution: Feedback Received

Apache NiFi 1.x is no longer maintained and no new release is planned on the 
1.x release line. Marking as resolved as part of a cleanup operation. Please 
open a new one with an updated description if this is still relevant for NiFi 
2.x.

> NiFi Registry Client requires that users have view on "Access the controller".
> ------------------------------------------------------------------------------
>
>                 Key: NIFI-12472
>                 URL: https://issues.apache.org/jira/browse/NIFI-12472
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core UI
>    Affects Versions: 1.18.0
>            Reporter: Matthew Clarke
>            Priority: Major
>
> If a user tries to start or change version control of a process group, the UI 
> will show non-stop spinner in toolbar and never display the pop-up Flow 
> Version UI.
> Through inspect in the browser I can see this exception:
> nf-canvas-all.js?1.18.0:47 Uncaught TypeError: Cannot read properties of 
> undefined (reading 'name')
>     at Object.<anonymous> (nf-canvas-all.js?1.18.0:47:3629)
>     at Function.each (jquery.min.js:2:3003)
>     at b.each (jquery.each.js:1:96)
>     at Object.<anonymous> (nf-canvas-all.js?1.18.0:47:3562)
>     at c (jquery.min.js:2:28327)
>     at Object.fireWith [as resolveWith] (jquery.min.js:2:29072)
>     at l (jquery.min.js:2:79901)
>     at XMLHttpRequest.<anonymous> (jquery.min.js:2:82355)
> If I grant the user "view" on the "Access the controller" global policy, this 
> issue goes away.  This was not the case prior to NiFi 1.18
> I appears that https://issues.apache.org/jira/browse/NIFI-10497 introduced 
> this new policy requirement.   The documentation does not reflect this change 
> nor does it make sense to me why a user needs access the controller view 
> access in order to start or change version control for a process group the 
> user has full authorized access to and the user has full authorization within 
> Registry to a bucket.
> Needing to grant users view on "access the controller" also provides the 
> authorized users with view on other components that that user really has no 
> need to see.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to