I have a Nifi standalone Node secure with LDAP provider.
And I have 2 users: admin with all privilege and another user A with view/modify component.
When login by admin account, I create a Process Group name Admin_Flow
Although I grant Access Policies for process group Admin_Flow just for admin (view/modify,..)
When login by user A account, Although I can not see name of Process Group and it has dashed border but I still double click to that Process Group to go inside it.
When going inside Admin_Flow, I still can modify processors here.
What policy I granted for user A that user A can go inside process group although user A has no view/modify policy?
Can you set the policy on the process group itself?
1. Login as admin
2. Select the process group and click on the "Operate" controls on the left.
3. Click on the keys icon.
4. And remove the user_A present under "View the component" and "Modify the component"
Also make sure that the sub components are not overriding any parent policies.
What I mean to say if the sub components have their own policies, then they do not inherit the policies of the parent component.