Github user joshelser commented on the issue:

    https://github.com/apache/nifi/pull/2518
  
    > Would you please educate me why delete operation uses expression instead of a comma separated labels as scan does
    
    The general reasoning is this: you may have multiple "values" for the same key at different levels of visibility. Consider credit-card information:
    ```
    josh-creditcard1 f:number [private] -> 123456-1234-12345678
    josh-creditcard1 f:number [seller]   -> xxxxxx-xxxx-xxxx5678
    ```
    The visibility label for Accumulo is an expression that defines if a user with a collection of visibility labels is allowed to see that record. The expression also contributes to the uniqueness of that key, almost acting as a kind of "attribute" for the record being stored.
    Requiring the exact visibility label to delete the record is also important in a multi-tenant system with various levels of visibility because you may not know if other copies of the Key exist that you are unaware of. For example, if a "seller" was trying to delete my creditcard1 information, they would be unaware that my full creditcard number also exists there -- if we gave acknowledgment that it was deleted, that would be an information leak.
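
The behaviour described in the comment above, as an added example that is not part of the original comment or of Accumulo's or NiFi's code: a simplified Python model in which the visibility expression is part of the key, a scan filters by a set of labels, and a delete must name the exact expression. The names `visible` and `Table` are hypothetical, and the expression evaluator is a simplification that applies `&` and `|` left to right.

```python
import re

def visible(expr, auths):
    """True if a user holding the labels in `auths` satisfies expression `expr`."""
    tokens = re.findall(r"[\w.:/-]+|[&|()]", expr)
    pos = 0

    def term():
        nonlocal pos
        tok = tokens[pos]
        pos += 1
        if tok == "(":
            val = expression()
            pos += 1  # consume ")"
            return val
        return tok in auths

    def expression():
        nonlocal pos
        val = term()
        while pos < len(tokens) and tokens[pos] in ("&", "|"):
            op = tokens[pos]
            pos += 1
            rhs = term()
            val = (val and rhs) if op == "&" else (val or rhs)
        return val

    return expression() if tokens else True  # empty expression: visible to all

class Table:
    """Toy store (assumption, not Accumulo's API): visibility is part of the key."""
    def __init__(self):
        self.cells = {}

    def put(self, row, column, visibility, value):
        self.cells[(row, column, visibility)] = value

    def scan(self, auths):
        return {k: v for k, v in self.cells.items() if visible(k[2], set(auths))}

    def delete(self, row, column, visibility):
        # Removes only the exact key, visibility included, and reports nothing back,
        # so the caller cannot learn whether copies exist under other expressions.
        self.cells.pop((row, column, visibility), None)

# Constructed sample data: the two rows from the comment above.
t = Table()
t.put("josh-creditcard1", "f:number", "private", "123456-1234-12345678")
t.put("josh-creditcard1", "f:number", "seller", "xxxxxx-xxxx-xxxx5678")
t.delete("josh-creditcard1", "f:number", "seller")  # all a "seller" can name
print(t.scan({"seller"}), t.scan({"private"}))
```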

