[
https://issues.apache.org/jira/browse/NIFI-2940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15948967#comment-15948967
]
Matthew Clarke commented on NIFI-2940:
--------------------------------------
Even in a secured environment, any deleted components cannot be viewed in the
"Flow configuration history". Once a component is removed, a user cannot see
any of the flow configuration history for that component at all. This makes
conducting audits against the flow history impossible via the NiFi UI. This
also makes it difficult for users to use the history to recreate the deleted
component using all the same original settings. In production environments it
can be crucial to be able to perform such audits to see which users are
removing components. There should be a global access policy which when
assigned to a user will provide that user the ability to view the complete flow
configuration history.
> Unable to view deleted components in unsecured instance Flow Configuration
> HIstory
> ----------------------------------------------------------------------------------
>
> Key: NIFI-2940
> URL: https://issues.apache.org/jira/browse/NIFI-2940
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.0.0
> Reporter: Aldrin Piri
> Priority: Minor
>
> I have an unsecured instance of NiFi running a fairly standard flow.
> Upon deleting a connection I had wanted to see what relationships were
> attached to it, and viewed the Flow Configuration History. In that listing,
> while I could see that there was an event that took place, all of the details
> were listed as unauthorized.
> I additionally tested with other components (processors, funnels, etc) and
> noted similar results.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
