Koji Kawamura created NIFI-3445:
-----------------------------------
Summary: Show more meaningful audit events for deleted components
Key: NIFI-3445
URL: https://issues.apache.org/jira/browse/NIFI-3445
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework, Core UI
Affects Versions: 1.0.0
Reporter: Koji Kawamura
Once a target component such as RemoteProcessGroup or Processor is removed from
a flow, its audit records as shown as 'Not authorized'. This can be problematic
since users won't be able to know who deleted the component.
This is because we no longer have the policies for that component so we don't
know who is allowed to read details about it. Possible solutions for changing
this behavior are below:
A. Retain all policies forever (or at least for some longer period of time when
we would need to know about some action).
B. Allow some events to always be accessible. Like the fact that an user
deleted a component but just filter out any details about it when the user is
unauthorized to read it or the component and its policies have been removed.
Accessing provenance has similar issue.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
