updated comments

Author: DavidGitter

rego/nifi_global_policies.rego

@@ -1,3 +1,8 @@
+# DESCRIPTION
+# This file contains the permissions for the global policies
+# that can be found in the NiFi Admin Guide:
+# https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#access-policies
+
 package nifi_global_policies
 
 global_policies := {

rego/nifi_node_policies.rego

@@ -1,3 +1,13 @@
+# DESCRIPTION
+# This file contains the permissions for the node components in your flow.
+# A node component is every component on Level 3 or higher. So every component
+# that is contained in the components on the canvas you see after the login.
+# [IMPORTANT] Those permissions are set using the UUID of the component.
+# Thus the permissions can only be created if the component is already existing.
+#
+# The available access policy discriptors can be found here:
+# https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#access-policies
+
 package nifi_node_policies
 
 node_policies := {

rego/nifi_root_policies.rego

@@ -1,6 +1,20 @@
+# DESCRIPTION
+# This file contains the permissions for the root components in your flow.
+# A root component is every component on Level 1 (NiFi Flow it self) and
+# Level 2 which are all components located directly in the NiFi Flow (those you see
+# when you log into the Web-UI).
+# [IMPORTANT] Those permissions are set using the future name of the component.
+# Thus the permissions can be created before the components even exist.
+#
+# The available access policy discriptors can be found here:
+# https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#access-policies
+
 package nifi_root_policies
 
 root_policies := {
+    "/processors": {
+    }
+
     "/process-groups": {
         "Projekt1":{
             "read": {

rego/nifi_rules.rego

@@ -176,8 +176,6 @@ allow := {
 
 
 ## check for illegal 'non-root equals root name' component name
-
-# illegal name
 allow := {
     "allowed": "false", 
     "dumpCache": true,