[
https://issues.apache.org/jira/browse/NIFI-2695?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15798910#comment-15798910
]
ASF subversion and git services commented on NIFI-2695:
-------------------------------------------------------
Commit b1c9f0e76428d69e7ee39448ef182ad0a23327ec in nifi's branch
refs/heads/master from [~mcgilman]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=b1c9f0e ]
NIFI-2695: - Providing more granular and meaningful authorization error
messages.
This closes #1309.
Signed-off-by: Bryan Bende <[email protected]>
> Access Denied messages should include more information
> ------------------------------------------------------
>
> Key: NIFI-2695
> URL: https://issues.apache.org/jira/browse/NIFI-2695
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, Core UI
> Reporter: Jeff Storck
> Assignee: Matt Gilman
> Priority: Minor
> Fix For: 1.2.0
>
>
> Access Denied errors should provide more information than just the statement
> that access has been denied. At a minimum, the component types (controller
> service, processor, process group, etc) and IDs for which access was denied
> should be provided in the message.
> For example, if the user is attempting to create a template that includes a
> child process group that has a controller service for which the user does not
> have read access, the request to create the template will be denied, and the
> user will be informed that it was denied. While this is correct, the user
> (and perhaps the admin) does not have a clear indication of which component
> involved in the request caused the request to be denied.
> If the component types and IDs (ie "Process Group 123456789") are shown in
> the error message (and logs), the user (and admin) have direct information to
> use to solve any policy changes that might need to be made to allow the
> user's request to complete successfully.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
