Andrew Lim created NIFI-2329: -------------------------------- Summary: User authorization: Able to create a users with the same name which causes that user to lose User & Policies privileges Key: NIFI-2329 URL: https://issues.apache.org/jira/browse/NIFI-2329 Project: Apache NiFi Issue Type: Bug Components: Core UI Affects Versions: 1.0.0 Reporter: Andrew Lim Priority: Critical
I had an initial admin user who had default privs to access and modify Users & Policies. The UI allowed me to create another user with the same name. After that, the user could no longer access Users (get the error "Unable to perform the desired action due to insufficient permissions. Contact the system administrator." and can get into the Policies window, but can no longer make changes and see the message "Not authorized to access the policy for the specified resource." -- This message was sent by Atlassian JIRA (v6.3.4#6332)