markap14 commented on issue #3351: NIFI-2933 Remote input/output ports at any PG URL: https://github.com/apache/nifi/pull/3351#issuecomment-471046513 @ijokarumawak I've been testing and reviewing this - great work! I tried to do some weird things to see if I could cause any errors, but you seem to have caught all of the corner cases that I could think of :) I left a handful of comments in the PR, mostly just minor things that need to be addressed, or naming conventions that I felt could be made more clear. Nothing big. I did notice a couple of things during testing that I wanted to call out though: - If I configure a Root Group Port, I have the checkbox for "Allow Remote Access." But if I uncheck it and hit Apply, I get an error. Since we don't allow the user to disable Remote Access, we should not allow them to change that in the UI. - If we're going to have the ability to drag a Port on and then configure to set "Allow Remote Access," I feel like the dialog that asks for a name should also include that checkbox so that it can be set when creating the Port. - I was a little surprised by the implementation, that a single Local Port can be configured to allow for Remote Access or not, but in either case it still functions as a Local Port. This feels a little odd to me, because a single component on the graph is serving two very different purposes. I feel like it should be either a Local Port or a Remote Port, not both. Thoughts on this? - While sending data to a port on a secure instance, I revoked my node's permissions to send data to the port. This worked as expected but produced a confusing error message: > 2019-03-07 13:44:51,046 ERROR [Timer-Driven Process Thread-1] o.a.n.r.p.socket.SocketClientProtocol SocketClientProtocol[CommsID=43359ff0-85be-42d3-9487-ed2c675c75b2] received unexpected response User Not Authorized: org.apache.nifi.remote.StandardPublicPort@2c831d3f authorization failed for user CN=localhost, OU=NIFI because Unable to modify data transfers to Input Port with ID 5970d42e-0169-1000-ffff-ffffbe062e3b. from Peer[url=nifi://localhost:9001] when negotiating Codec A quick search through the PR for the phrase "modify data transfers" did not yield any results, so it's possible that this error message has always been like this. If that's the case, then I don't want to hold up this PR for it, but we can probably create a JIRA to make that more clear.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
